diff --git a/.gitignore b/.gitignore
index e05e355..49265d7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@ build/mysqltuner.spec
build/build.log
build/cve*
build/vulnerabilities*
+*.bak
+Vagrant/Vagrantfile
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 3e913c2..68fcbaf 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -27,7 +27,7 @@ following restrictions:
respect the opinions of others.
-##Before submitting an issue##
+## Before submitting an issue
1. Upgrade to the latest version of MySQLTuner and see if the problem remains
@@ -47,7 +47,7 @@ Good bug reports are extremely helpful — thank you!
Guidelines for bug reports:
-1. **Use the [GitHub issue search](https://github.com/major/MySQLTuner-perl/search?type=Issues)** — check if the issue has already been
+1. **Use the [GitHub issue search]** — check if the issue has already been
reported.
2. **Check if the bug has already been fixed** — try to reproduce it using the
@@ -100,13 +100,13 @@ to MySQLTuner will be evaluated on a combination of scope (how well it fits into
project), maintenance burden and general usefulness.
Creating something great often means saying no to seemingly good ideas. Don't
-dispair if your feature request isn't accepted, take action! Fork the
+despair if your feature request isn't accepted, take action! Fork the
repository, build your idea and share it with others. We released MySQLTuner under
the MIT License for this purpose precisely. Open source works best when smart
and dedicated people riff off of each others' ideas to make even greater things.
-## New feature request ##
-* You can find Enhancement asked by community at [Enhancement issue](https://github.com/major/MySQLTuner-perl/labels/enhancement)
+## New feature request
+You can find Enhancement asked by community at [Enhancement issue]
## Pull requests
@@ -153,8 +153,7 @@ these guidelines is the best way to get your work included in MySQLTuner.
git checkout -b
```
-4. Commit your changes in logical chunks. Please adhere to these [git commit
- message guidelines](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html)
+4. Commit your changes in logical chunks. Please adhere to these [git commit message guidelines]
or your code is unlikely be merged into the main project. Use Git's
[interactive rebase](https://help.github.com/articles/interactive-rebase)
feature to tidy up your commits before making them public.
@@ -171,18 +170,23 @@ these guidelines is the best way to get your work included in MySQLTuner.
git push origin
```
-7. [Open a Pull Request](https://help.github.com/articles/using-pull-requests/)
- with a clear title and description.
+7. [Open a Pull Request] with a clear title and description.
**IMPORTANT**: By submitting a patch, you agree to allow the project owner to
-license your work under the [GPLv3 License](https://en.wikipedia.org/wiki/GNU_General_Public_License).
+license your work under the [GPLv3 License].
-Copy of the license is available at [LICENSE](https://github.com/major/MySQLTuner-perl/blob/master/LICENSE)
+Copy of the license is available at [LICENSE]
-#### MySQLTuner Code Conventions
+## MySQLTuner Code Conventions
1. Check code convention using **perltidy** and **perlcritic**
2. Don't manually update the version number in `mysqltuner.pl`.
-
+
+[Enhancement issue]:https://github.com/major/MySQLTuner-perl/labels/enhancement
+[GitHub issue search]:https://github.com/major/MySQLTuner-perl/search?type=Issues
+[git commit message guidelines]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
+[Open a Pull Request]:https://help.github.com/articles/using-pull-requests/
+[GPLv3 License]:https://en.wikipedia.org/wiki/GNU_General_Public_License
+[LICENSE]:https://github.com/major/MySQLTuner-perl/blob/master/LICENSE
diff --git a/INTERNALS.md b/INTERNALS.md
index c932966..1e53f12 100644
--- a/INTERNALS.md
+++ b/INTERNALS.md
@@ -72,7 +72,7 @@
## MySQLTuner system checks
* 32-bit w/>2GB RAM check
* Check number of opened ports (warning if more than 9 ports opened)
-* Check 80, 8080, 443 and 8443 ports if warning are raised if there are opened
+* Check 80, 8080, 443 and 8443 ports if warning are raised if there are opened
* Check if some banned ports are not opened (option --bannedports separated by comma)
* Check if non kernel and user process except mysqld are not using more than 15% of total physical memory)
* Check vm.swapiness
@@ -84,7 +84,7 @@
## MySQLTuner Server version checks
* EOL MySQL version check
-* Currently MySQL < 5.1 are EOF considerated.
+* Currently MySQL < 5.1 are EOF considered.
* Using 5.5+ version of MySQL for performance issue (asynchronous IO).
## MySQL Storage engine general information
@@ -103,7 +103,7 @@
* Users w/o host restriction
* Weak password check (possibly using cracklib later?)
* Using basic_passwords.txt as password database
-* Password list checks can be avoid (option: --skippassword)
+* Password list checks can be avoid (option: --skippassword)
## MySQLTuner CVE vulnerabilities detection
@@ -131,7 +131,7 @@
* Per index information
* Index Cardinality
* Index Selectivity
- * Misc information about index definition
+ * Misc information about index definition
* Misc information about index size
## MySQLTuner Connections information
@@ -179,8 +179,8 @@
* Query Cache Buffers
* Query Cache DISABLED, ALL REQUEST or ON DEMAND
* Query Cache Size
- * Query cache hit ratio (cache efficienty)
-
+ * Query cache hit ratio (cache efficiency)
+
## MySQLTuner memory checks
* Get total RAM/swap
@@ -194,11 +194,16 @@
## MySQLTuner replication checks
-* Is server replication configuarted as slave ?
-* SQL replacation thread running ?
-* IO replacation thread running ?
-* Replication lag in seconds
-* Is Slave configuratedd in read only ?
+* Is server replication configured as slave ?
+* SQL replication thread running ?
+* IO replication thread running ?
+* Replication lag in seconds (Seconds_behind_master)
+* Is Slave configured in read only ?
+* replication type ROW, MIX, STMT
+* replication Semisync master
+* replication Semisync slave
+* XA support activated
+* replication started ?
## MySQLTuner InnoDB information
@@ -206,14 +211,16 @@
* If possible, innodb_buffer_pool_size should be greater data and index size for Innodb Table
* Innodb_buffer_pool_size should around 75 to 80 % of the available system memory.
* InnoDB Buffer Pool Instances
- * MySQL needs 1 instanes per 1Go of Buffer Pool
+ * MySQL needs 1 instance per 1Go of Buffer Pool
* innodb_buffer_pool instances = round(innodb_buffer_pool_size / 1Go)
* innodb_buffer_pool instances must be equals or lower than 64
-* InnoDB Buffer Pool Usage
+* InnoDB Buffer Pool Usage
* If more than 20% of InnoDB buffer pool is not used, MySQLTuner raise an alert.
-* InnoDB Read effiency
+* InnoDB Buffer Pool Log Size
+ * InnoDB total log file size should be 25% of innodb_buffer_pool_size
+* InnoDB Read efficiency
* Ratio of read without locks
-* InnoDB Write effiency
+* InnoDB Write efficiency
* Ratio of write without locks
* InnoDB Log Waits
* Checks that no lock is used on Innodb Log.
@@ -225,7 +232,7 @@
* Is Aria indexes size is greater than page cache size ?
* Page cache read hit ratio (>95%)
* Page cache write hit ratio (>95%)
-
+
## MySQLTuner MYISAM information
@@ -249,6 +256,10 @@
* Joiner(Try to reach cluster group)
* SYNCED state able to read/write
* wsrep_cluster_conf_id configuration level must be identical in all nodes
+* wsrep_slave_thread is between 3 or 4 times number of CPU core.
+* gcs.limit should be equal to wsrep_slave_threads * 5
+* gcs.fc_factor should be equal to 0.8
+* Flow control fraction should be lower than 0.02 (wsrep_flow_control_paused < 0.02)
* wsrep_last_commited committed level must be identical in all nodes
* Look for tables without primary keys
* Look for non InnoDB tables for Galera
@@ -260,13 +271,13 @@
## MySQLTuner TokuDB information
-* tokudb_cache_size
-* tokudb_directio
+* tokudb_cache_size
+* tokudb_directio
* tokudb_empty_scan
* tokudb_read_block_size
* tokudb_commit_sync
* tokudb_checkpointing_period
-* tokudb_block_size
+* tokudb_block_size
* tokudb_cleaner_iterations
* tokudb_fanout
@@ -285,14 +296,16 @@
## MySQLTuner RocksDb information
* Nothing for the moment
-
+
## MySQLTuner Thread pool information
* thread_pool_size between 16 to 36 for Innodb usage
* thread_pool_size between 4 to 8 for MyIsam usage
## MySQLTuner performance schema and sysschema information
-
+* Check that Performance schema is activated for 5.6+ version
+* Check that Performance schema is deactivated for 5.5- version
+* Check that Sys schema is installed
* sys Schema version
* Top user per connection
* Top user per statement
@@ -346,9 +359,9 @@
* Event per wait total latency
* Event per wait read latency
* Event per wait write latency
-* TOP 15 most read indexes
+* TOP 15 most read indexes
* TOP 15 most modified indexes
-* TOP 15 high select latency index
+* TOP 15 high select latency index
* TOP 15 high insert latency index
* TOP 15 high update latency index
* TOP 15 high delete latency index
@@ -377,7 +390,7 @@
* TOP 15 merge queries with sort
* TOP 15 average sort merges queries with sort
* TOP 15 scans queries with sort
-* TOP 15 range queries with sort
+* TOP 15 range queries with sort
* Top 20 queries with temp table
* Last 50 queries with temp table
* TOP 15 total latency queries with temp table
@@ -387,4 +400,4 @@
* TOP 15 class events by total latency
* TOP 30 events by total latency
* TOP 15 class events by max latency
-* TOP 30 events by max latency
\ No newline at end of file
+* TOP 30 events by max latency
diff --git a/README.md b/README.md
index a223b03..b02b723 100644
--- a/README.md
+++ b/README.md
@@ -4,17 +4,17 @@ MySQLTuner-perl
[](http://opensource.box.com/badges)
[](http://opensource.box.com/badges)
[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
-[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
-[](https://opensource.org/licenses/GPL-3.0/)
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions.
-**MySQLTuner** supports in this last version ~300 indicators for MySQL/MariaDB/Percona Server.
+**MySQLTuner** supports ~300 indicators for MySQL/MariaDB/Percona Server in this last version.
-**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration such as , , , Linux OS metrics, , , , ...
+**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration such as [Galera Cluster](http://galeracluster.com/), [TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), [Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, [InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), [MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), [Aria](https://mariadb.com/kb/en/mariadb/aria/), ...
-You can found more details on this indicators
-.
+You can find more details on these indicators here:
+[Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md).
@@ -22,20 +22,23 @@ You can found more details on this indicators
MySQLTuner needs you:
===
-**MySQLTuner** needs contributors for documentation, code and feedbacks..
+**MySQLTuner** needs contributors for documentation, code and feedback..
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
-
+
Compatibility:
====
* MySQL 5.7 (full support)
* MySQL 5.6 (full support)
* MySQL 5.5 (full support)
+* MariaDB 10.3 (full support)
+* MariaDB 10.2 (full support)
* MariaDB 10.1 (full support)
* MariaDB 10.0 (full support)
+* Percona Server 5.7 (full support)
* Percona Server 5.6 (full support)
* Percona XtraDB cluster (full support)
* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version)
@@ -43,21 +46,29 @@ Compatibility:
* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants)
* Windows is not supported at this time (Help wanted !!!!!)
* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1)
-* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org)
+* CVE vulnerabilities detection support from [https://cve.mitre.org](https://cve.mitre.org)
***WARNING***
--
-It is **extremely important** for you to fully understand each change
-you make to a MySQL database server. If you don't understand portions
-of the script's output, or if you don't understand the recommendations,
-**you should consult** a knowledgeable DBA or system administrator
-that you trust. **Always** test your changes on staging environments, and
-always keep in mind that improvements in one area can **negatively affect**
+It is **extremely important** for you to fully understand each change
+you make to a MySQL database server. If you don't understand portions
+of the script's output, or if you don't understand the recommendations,
+**you should consult** a knowledgeable DBA or system administrator
+that you trust. **Always** test your changes on staging environments, and
+always keep in mind that improvements in one area can **negatively affect**
MySQL in other areas.
**Seriously - please review the FAQ section below.**
-What MySQLTuner is checking exactly ?
+
+Security recommendations
+--
+
+Hi directadmin user!
+We detected that you run mysqltuner with da_admin's credentials taken from /usr/local/directadmin/conf/my.cnf, which might bring to a password discovery!
+Read link for more details [Issue #289](https://github.com/major/MySQLTuner-perl/issues/289).
+
+What MySQLTuner is checking exactly ?
--
All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
@@ -70,7 +81,7 @@ You can download the entire repository by using 'git clone' followed by the clon
wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
perl mysqltuner.pl
-
+
Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly.
Specific usage
@@ -78,17 +89,17 @@ Specific usage
__Usage:__ Minimal usage locally
- perl mysqltuner.pl
+ perl mysqltuner.pl
__Usage:__ Minimal usage remotely
perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
-__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
+__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
perl mysqltuner.pl --verbose
perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
-
+
__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
@@ -98,7 +109,7 @@ __Usage:__ Write your result in a file with information displayed
perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
-__Usage:__ Write your result in a file **without outputting information**
+__Usage:__ Write your result in a file **without outputting information**
perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
@@ -106,7 +117,7 @@ __Usage:__ Using template model to customize your reporting file based on [Text:
perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
-__Usage:__ Enable debugging information
+__Usage:__ Enable debugging information
perl mysqltuner.pl --debug
@@ -115,7 +126,7 @@ FAQ
**Question: Will MySQLTuner fix my slow MySQL server?**
-**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
+**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations for improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
**Question: Can I fire my DBA now?**
@@ -128,7 +139,7 @@ The script will try its best to log in via any means possible. It will check fo
[client]
user=someusername
pass=thatuserspassword
-
+
Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?**
@@ -136,10 +147,10 @@ Once you create it, make sure it's owned by your user and the mode on the file i
You could use mysql_config_editor utilities.
$ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
- Enter passord: ********
+ Enter password: ********
$
-At this time, ~/.mylogin.cnf has been written with appropriated rigth access.
+After which, ~/.mylogin.cnf will be created with the appropriate access.
To get information about stored credentials, use the following command:
@@ -179,9 +190,9 @@ Connection and Authentication
--host Connect to a remote host to perform tests (default: localhost)
--socket Use a different socket for a local connection
--port Port to use for connection (default: 3306)
- --user Username to use for authentication
+ --user Username to use for authentication
--pass Password to use for authentication
- --defaults-file defaulfs file for credentials
+ --defaults-file defaults file for credentials
Since you are using a remote host, use parameters to supply values from the OS
@@ -195,6 +206,10 @@ If the database has too many tables, or very large table, use this:
--skipsize Don't enumerate tables and their types/sizes (default: on)
(Recommended for servers with many tables)
+**Question: Can I install this project using homebrew on Apple Macintosh?**
+
+Yes! `brew install mysqltuner` can be used to install this application using [homebrew](https://brew.sh/) on Apple Macintosh.
+
MySQLTuner and Vagrant
--
**MySQLTuner** contains following Vagrant configurations:
@@ -202,8 +217,8 @@ MySQLTuner and Vagrant
* Fedora Core 23 / MariaDB 10.1
* Fedora Core 23 / MySQL 5.6
* Fedora Core 23 / MySQL 5.7
-
-**Vagrant File** are stored in Vagrant subdirectory.
+
+**Vagrant File** are stored in Vagrant subdirectory.
* Follow this 2 steps after vagrant installation:
* Rename VagrantFile_for_Mxxx into Vagrantfile
* vagrant up
@@ -228,9 +243,8 @@ MySQLTuner and Vagrant
MySQLTuner needs you
--
-**MySQLTuner** needs contributors for documentation, code and feedbacks..
+**MySQLTuner** needs contributors for documentation, code and feedback..
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
-* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
-
diff --git a/README.ru.md b/README.ru.md
index 364c3c0..4ce0f63 100644
--- a/README.ru.md
+++ b/README.ru.md
@@ -13,10 +13,11 @@ MySQLTuner-perl
**MySQLTuner** поддерживает порядка 300 показателей для MySQL/MariaDB/Percona Server последних версий.
-**MySQLTuner** поддерживает сбор показателей для множества таких конфигураций, как , , , Linux OS metrics, , , , ...
+**MySQLTuner** поддерживает сбор показателей для множества таких конфигураций, как [Galera Cluster](http://galeracluster.com/), [TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), [Performance schema](https://github.com/mysql/mysql-sys), метрики ОС Linux, [InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), [MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), [Aria](https://mariadb.com/kb/en/mariadb/aria/), ...
+
Вы можете найти больше информации об этих показателях на
-.
+[Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md).
@@ -26,7 +27,7 @@ MySQLTuner нуждается в вас:
**MySQLTuner** нуждается в вашем вкладе в документацию и код, а так же ждёт обратную связь.
-* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
* Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
* Ставьте "звезды" **проекту MySQLTuner** на [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
@@ -61,6 +62,15 @@ MySQLTuner нуждается в вас:
**Серьезно - прочитайте раздел ЧаВо, который расположен чуть ниже.**
+
+Рекомендации по безопасности
+--
+
+Здравствуй, пользователь directadmin!
+Мы обнаружили, что запуск mysqltuner с доступами da_admin, взятыми из файла /usr/local/directadmin/conf/my.cnf, может привести к компрометации пароля!
+Детали можно прочитать по ссылке [Issue #289](https://github.com/major/MySQLTuner-perl/issues/289).
+
+
Что именно проверяет MySQLTuner?
--
Все проверки, что выполняет **MySQLTuner**, задокументированы в [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md)
@@ -199,6 +209,10 @@ __Пример:__ Включение вывода отладочной инфо
--skipsize Don't enumerate tables and their types/sizes (default: on)
(Recommended for servers with many tables)
+**Вопрос: Я могу установить этот проект с помощью homebrew на Apple Macintosh?**
+
+Да! Вы можете уставновить его командой `brew install mysqltuner` с помощью [homebrew](https://brew.sh/) на Apple Macintosh.
+
MySQLTuner и Vagrant
--
**MySQLTuner** содержится в следующих конфигурациях Vagrant:
@@ -235,7 +249,7 @@ MySQLTuner нуждается в Вас:
**MySQLTuner** нуждается в вашем вкладе в документацию и код, а так же ждёт обратную связь.
-* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
* Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
* Ставьте "звезды" **проекту MySQLTuner** на [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
diff --git a/USAGE.md b/USAGE.md
index 56e7609..ed9e858 100644
--- a/USAGE.md
+++ b/USAGE.md
@@ -1,6 +1,6 @@
# NAME
- MySQLTuner 1.6.20 - MySQL High Performance Tuning Script
+ MySQLTuner 1.7.9 - MySQL High Performance Tuning Script
# IMPORTANT USAGE GUIDELINES
@@ -9,17 +9,21 @@ Allow MySQL server to run for at least 24-48 hours before trusting suggestions
Some routines may require root level privileges (script will provide warnings)
You must provide the remote server's total memory when connecting to other servers
-# CONNECTION AND AUTHENTIFICATION
+# CONNECTION AND AUTHENTICATION
- --host Connect to a remote host to perform tests (default: localhost)
- --socket Use a different socket for a local connection
- --port Port to use for connection (default: 3306)
- --user Username to use for authentication
- --pass Password to use for authentication
- --mysqladmin Path to a custom mysqladmin executable
- --mysqlcmd Path to a custom mysql executable
- --defaults-file Path to a custom .my.cnf
- =head1 PERFORMANCE AND REPORTING OPTIONS
+ --host Connect to a remote host to perform tests (default: localhost)
+ --socket Use a different socket for a local connection
+ --port Port to use for connection (default: 3306)
+ --user Username to use for authentication
+ --userenv Name of env variable which contains username to use for authentication
+ --pass Password to use for authentication
+ --passenv Name of env variable which contains password to use for authentication
+ --ssl-ca Path to public key
+ --mysqladmin Path to a custom mysqladmin executable
+ --mysqlcmd Path to a custom mysql executable
+ --defaults-file Path to a custom .my.cnf
+
+# PERFORMANCE AND REPORTING OPTIONS
--skipsize Don't enumerate tables and their types/sizes (default: on)
(Recommended for servers with many tables)
@@ -40,10 +44,10 @@ You must provide the remote server's total memory when connecting to other serve
--dbstat Print database information
--idxstat Print index information
--sysstat Print system information
- --pfstat Print Performance schema
+ --pfstat Print Performance schema
--bannedports Ports banned separated by comma(,)
--maxportallowed Number of ports opened allowed on this hosts
- --cvefile CVE File for vulnerability checks
+ --cvefile CVE File for vulnerability checks
--nocolor Don't print output in color
--json Print result as JSON string
--buffers Print global and per-thread buffer values
@@ -51,7 +55,8 @@ You must provide the remote server's total memory when connecting to other serve
--reportfile Path to a report txt file
--template Path to a template file
--verbose Prints out all options (default: no verbose)
- =head1 PERLDOC
+
+# PERLDOC
You can find documentation for this module with the perldoc command.
@@ -120,7 +125,7 @@ Maintained by Major Hayden (major\\@mhtx.net) - Licensed under GPL
# COPYRIGHT AND LICENSE
-Copyright (C) 2006-2015 Major Hayden - major@mhtx.net
+Copyright (C) 2006-2017 Major Hayden - major@mhtx.net
For the latest updates, please visit http://mysqltuner.com/
@@ -138,4 +143,4 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License
-along with this program. If not, see .
+along with this program. If not, see <http://www.gnu.org/licenses/>.
diff --git a/Vagrant/Vagrantfile b/Vagrant/Vagrantfile
new file mode 100644
index 0000000..2f59cf7
--- /dev/null
+++ b/Vagrant/Vagrantfile
@@ -0,0 +1,99 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "fc23-mariadb10-0"
+ config.vm.box_url = "https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box"
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+ config.vbguest.auto_update = true
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.0.115"
+ config.hostmanager.enabled = true
+ config.hostmanager.manage_host = true
+ config.hostmanager.ignore_private_ip = false
+ config.hostmanager.include_offline = true
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ config.vm.network "public_network"
+ config.vm.hostname = 'dev.app'
+ config.hostmanager.aliases = %w(dev.app.localdomain dev.app.local)
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ config.vm.synced_folder "./data", "/data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = false
+ #
+ # # Customize the amount of memory on the VM:
+ vb.memory = "1024"
+ end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ config.vm.provision "shell", inline: <<-SHELL
+ sudo yum -y update
+ echo "secret" | sudo passwd --stdin root
+ sudo cp -pr ~vagrant/.ssh /root
+ sudo chown -R root.root /root/.ssh
+ sudo yum -y install git python
+ sudo pip install --upgrade pip
+ if [ ! -d "/data/MySQLTuner-perl" ]; then
+ cd /data
+ sudo git clone https://github.com/major/MySQLTuner-perl.git
+ fi
+ sudo yum -y install perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils
+ sudo cpanm install File::Util
+
+ sudo yum -y install mariadb mariadb-server wget
+ sudo systemctl start mariadb.service
+ mysql -e 'select version();'
+ cd /data
+ sudo wget "https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2"
+ sudo tar xvjf employees_db-full-1.0.6.tar.bz2
+ cd employees_db
+ cat employees.sql | mysql
+ cd ..
+ cd MySQLTuner-perl
+ perl mysqltuner.pl --idxstat --dbstat
+ SHELL
+ config.vm.provision :hostmanager
+end
diff --git a/Vagrant/Vagrantfile_for_MariaDB10.0 b/Vagrant/Vagrantfile_for_MariaDB10.0
index 2f59cf7..b70492c 100644
--- a/Vagrant/Vagrantfile_for_MariaDB10.0
+++ b/Vagrant/Vagrantfile_for_MariaDB10.0
@@ -12,11 +12,7 @@ Vagrant.configure(2) do |config|
# Every Vagrant development environment requires a box. You can search for
# boxes at https://atlas.hashicorp.com/search.
- config.vm.box = "fc23-mariadb10-0"
- config.vm.box_url = "https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box"
- # Disable automatic box update checking. If you disable this, then
- # boxes will only be checked for updates when the user runs
- # `vagrant box outdated`. This is not recommended.
+ config.vm.box = "centos/7"
# config.vm.box_check_update = false
config.vbguest.auto_update = true
# Create a forwarded port mapping which allows access to a specific port
@@ -24,6 +20,12 @@ Vagrant.configure(2) do |config|
# accessing "localhost:8080" will access port 80 on the guest machine.
# config.vm.network "forwarded_port", guest: 80, host: 8080
+ if Vagrant.has_plugin?("vagrant-proxyconf")
+ config.proxy.http = "http://10.195.50.51:3128/"
+ config.proxy.https = "http://10.195.50.51:3128/"
+ config.proxy.no_proxy = "localhost,127.0.0.1,.example.com"
+ end
+
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network "private_network", ip: "192.168.0.115"
@@ -74,17 +76,30 @@ Vagrant.configure(2) do |config|
echo "secret" | sudo passwd --stdin root
sudo cp -pr ~vagrant/.ssh /root
sudo chown -R root.root /root/.ssh
- sudo yum -y install git python
+
+ sudo yum-config-manager --enable base
+
+echo "[mariadb]" >/tmp/mariadb.repo
+echo "name = MariaDB" >>/tmp/mariadb.repo
+echo "baseurl = http://yum.mariadb.org/10.0/centos7-amd64" >> /tmp/mariadb.repo
+echo "gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB" >> /tmp/mariadb.repo
+echo "gpgcheck=1" >> /tmp/mariadb.repo
+sudo cp /tmp/mariadb.repo /etc/yum.repos.d/
+
+ sudo rpm -Uvh http://mirrors.ircam.fr/pub/fedora/epel/7/x86_64/e/epel-release-7-10.noarch.rpm
+
+
+ sudo yum -y install python2-pip git python perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils MariaDB-server MariaDB-Client wget
+
sudo pip install --upgrade pip
if [ ! -d "/data/MySQLTuner-perl" ]; then
cd /data
sudo git clone https://github.com/major/MySQLTuner-perl.git
- fi
- sudo yum -y install perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils
- sudo cpanm install File::Util
+ fi
+ sudo cpanm install File::Util
- sudo yum -y install mariadb mariadb-server wget
- sudo systemctl start mariadb.service
+ #sudo systemctl start mariadb.service
+ sudo service mysql start
mysql -e 'select version();'
cd /data
sudo wget "https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2"
diff --git a/Vagrant/Vagrantfile_for_MariaDB10.1 b/Vagrant/Vagrantfile_for_MariaDB10.1
index daa5ac3..238e12e 100644
--- a/Vagrant/Vagrantfile_for_MariaDB10.1
+++ b/Vagrant/Vagrantfile_for_MariaDB10.1
@@ -1,107 +1,114 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-# All Vagrant configuration is done below. The "2" in Vagrant.configure
-# configures the configuration version (we support older styles for
-# backwards compatibility). Please don't change it unless you know what
-# you're doing.
-Vagrant.configure(2) do |config|
- # The most common configuration options are documented and commented below.
- # For a complete reference, please see the online documentation at
- # https://docs.vagrantup.com.
-
- # Every Vagrant development environment requires a box. You can search for
- # boxes at https://atlas.hashicorp.com/search.
- config.vm.box = "fc23-mariadb10-1"
- config.vm.box_url = "https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box"
- # Disable automatic box update checking. If you disable this, then
- # boxes will only be checked for updates when the user runs
- # `vagrant box outdated`. This is not recommended.
- # config.vm.box_check_update = false
- config.vbguest.auto_update = true
- # Create a forwarded port mapping which allows access to a specific port
- # within the machine from a port on the host machine. In the example below,
- # accessing "localhost:8080" will access port 80 on the guest machine.
- # config.vm.network "forwarded_port", guest: 80, host: 8080
-
- # Create a private network, which allows host-only access to the machine
- # using a specific IP.
- # config.vm.network "private_network", ip: "192.168.0.115"
- config.hostmanager.enabled = true
- config.hostmanager.manage_host = true
- config.hostmanager.ignore_private_ip = false
- config.hostmanager.include_offline = true
-
- # Create a public network, which generally matched to bridged network.
- # Bridged networks make the machine appear as another physical device on
- # your network.
- config.vm.network "public_network"
- config.vm.hostname = 'dev.app'
- config.hostmanager.aliases = %w(dev.app.localdomain dev.app.local)
- # Share an additional folder to the guest VM. The first argument is
- # the path on the host to the actual folder. The second argument is
- # the path on the guest to mount the folder. And the optional third
- # argument is a set of non-required options.
- config.vm.synced_folder "./data", "/data"
-
- # Provider-specific configuration so you can fine-tune various
- # backing providers for Vagrant. These expose provider-specific options.
- # Example for VirtualBox:
- #
- config.vm.provider "virtualbox" do |vb|
- # # Display the VirtualBox GUI when booting the machine
- # vb.gui = false
- #
- # # Customize the amount of memory on the VM:
- vb.memory = "1024"
- end
- #
- # View the documentation for the provider you are using for more
- # information on available options.
-
- # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
- # such as FTP and Heroku are also available. See the documentation at
- # https://docs.vagrantup.com/v2/push/atlas.html for more information.
- # config.push.define "atlas" do |push|
- # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
- # end
-
- # Enable provisioning with a shell script. Additional provisioners such as
- # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
- # documentation for more information about their specific syntax and use.
- config.vm.provision "shell", inline: <<-SHELL
- sudo yum -y update
- echo "secret" | sudo passwd --stdin root
- sudo cp -pr ~vagrant/.ssh /root
- sudo chown -R root.root /root/.ssh
- sudo yum -y install git python
- sudo pip install --upgrade pip
- if [ ! -d "/data/MySQLTuner-perl" ]; then
- cd /data
- sudo git clone https://github.com/major/MySQLTuner-perl.git
- fi
-
- echo "# MariaDB 10.1 Fedora repository list - created 2016-01-25 13:11 UTC
-# http://mariadb.org/mariadb/repositories/
-[mariadb]
-name = MariaDB
-baseurl = http://yum.mariadb.org/10.1/fedora23-amd64
-gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
-gpgcheck=1" >> /etc/yum.repos.d/mariadb.repo
- sudo yum -y install perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils
- sudo cpanm install File::Util
-
- sudo yum -y install MariaDB-server MariaDB-client wget
- sudo systemctl start mariadb.service
- mysql -e 'select version();'
- cd /data
- sudo wget "https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2"
- sudo tar xvjf employees_db-full-1.0.6.tar.bz2
- cd employees_db
- cat employees.sql | mysql
- cd ..
- cd MySQLTuner-perl
- perl mysqltuner.pl --idxstat --dbstat
- SHELL
- config.vm.provision :hostmanager
-end
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "centos/7"
+ # config.vm.box_check_update = false
+ config.vbguest.auto_update = true
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+ if Vagrant.has_plugin?("vagrant-proxyconf")
+ config.proxy.http = "http://10.195.50.51:3128/"
+ config.proxy.https = "http://10.195.50.51:3128/"
+ config.proxy.no_proxy = "localhost,127.0.0.1,.example.com"
+ end
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.0.115"
+ config.hostmanager.enabled = true
+ config.hostmanager.manage_host = true
+ config.hostmanager.ignore_private_ip = false
+ config.hostmanager.include_offline = true
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ config.vm.network "public_network"
+ config.vm.hostname = 'dev.app'
+ config.hostmanager.aliases = %w(dev.app.localdomain dev.app.local)
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ config.vm.synced_folder "./data", "/data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = false
+ #
+ # # Customize the amount of memory on the VM:
+ vb.memory = "1024"
+ end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ config.vm.provision "shell", inline: <<-SHELL
+ sudo yum -y update
+ echo "secret" | sudo passwd --stdin root
+ sudo cp -pr ~vagrant/.ssh /root
+ sudo chown -R root.root /root/.ssh
+
+ sudo yum-config-manager --enable base
+
+echo "[mariadb]" >/tmp/mariadb.repo
+echo "name = MariaDB" >>/tmp/mariadb.repo
+echo "baseurl = http://yum.mariadb.org/10.1/centos7-amd64" >> /tmp/mariadb.repo
+echo "gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB" >> /tmp/mariadb.repo
+echo "gpgcheck=1" >> /tmp/mariadb.repo
+sudo cp /tmp/mariadb.repo /etc/yum.repos.d/
+
+ sudo rpm -Uvh http://mirrors.ircam.fr/pub/fedora/epel/7/x86_64/e/epel-release-7-10.noarch.rpm
+
+
+ sudo yum -y install python2-pip git python perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils MariaDB-server MariaDB-Client wget
+
+ sudo pip install --upgrade pip
+ if [ ! -d "/data/MySQLTuner-perl" ]; then
+ cd /data
+ sudo git clone https://github.com/major/MySQLTuner-perl.git
+ fi
+ sudo cpanm install File::Util
+
+ #sudo systemctl start mariadb.service
+ sudo service mysql start
+ mysql -e 'select version();'
+ cd /data
+ sudo wget "https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2"
+ sudo tar xvjf employees_db-full-1.0.6.tar.bz2
+ cd employees_db
+ cat employees.sql | mysql
+ cd ..
+ cd MySQLTuner-perl
+ perl mysqltuner.pl --idxstat --dbstat
+ SHELL
+ config.vm.provision :hostmanager
+end
diff --git a/Vagrant/Vagrantfile_for_MariaDB10.2 b/Vagrant/Vagrantfile_for_MariaDB10.2
new file mode 100644
index 0000000..650866f
--- /dev/null
+++ b/Vagrant/Vagrantfile_for_MariaDB10.2
@@ -0,0 +1,107 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "fc23-mariadb10-1"
+ config.vm.box_url = "https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box"
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+ config.vbguest.auto_update = true
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.0.115"
+ config.hostmanager.enabled = true
+ config.hostmanager.manage_host = true
+ config.hostmanager.ignore_private_ip = false
+ config.hostmanager.include_offline = true
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ config.vm.network "public_network"
+ config.vm.hostname = 'dev.app'
+ config.hostmanager.aliases = %w(dev.app.localdomain dev.app.local)
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ config.vm.synced_folder "./data", "/data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = false
+ #
+ # # Customize the amount of memory on the VM:
+ vb.memory = "1024"
+ end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ config.vm.provision "shell", inline: <<-SHELL
+ sudo yum -y update
+ echo "secret" | sudo passwd --stdin root
+ sudo cp -pr ~vagrant/.ssh /root
+ sudo chown -R root.root /root/.ssh
+ sudo yum -y install git python
+ sudo pip install --upgrade pip
+ if [ ! -d "/data/MySQLTuner-perl" ]; then
+ cd /data
+ sudo git clone https://github.com/major/MySQLTuner-perl.git
+ fi
+
+ echo "# MariaDB 10.1 Fedora repository list - created 2016-01-25 13:11 UTC
+# http://mariadb.org/mariadb/repositories/
+[mariadb]
+name = MariaDB
+baseurl = http://yum.mariadb.org/10.2/fedora23-amd64
+gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
+gpgcheck=1" >> /etc/yum.repos.d/mariadb.repo
+ sudo yum -y install perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils
+ sudo cpanm install File::Util
+
+ sudo yum -y install MariaDB-server MariaDB-client wget
+ sudo systemctl start mariadb.service
+ mysql -e 'select version();'
+ cd /data
+ sudo wget "https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2"
+ sudo tar xvjf employees_db-full-1.0.6.tar.bz2
+ cd employees_db
+ cat employees.sql | mysql
+ cd ..
+ cd MySQLTuner-perl
+ perl mysqltuner.pl --idxstat --dbstat
+ SHELL
+ config.vm.provision :hostmanager
+end
diff --git a/Vagrant/Vagrantfile_for_MariaDB10.3 b/Vagrant/Vagrantfile_for_MariaDB10.3
new file mode 100644
index 0000000..0dfac2c
--- /dev/null
+++ b/Vagrant/Vagrantfile_for_MariaDB10.3
@@ -0,0 +1,106 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure(2) do |config|
+ # The most common configuration options are documented and commented below.
+ # For a complete reference, please see the online documentation at
+ # https://docs.vagrantup.com.
+
+ # Every Vagrant development environment requires a box. You can search for
+ # boxes at https://atlas.hashicorp.com/search.
+ config.vm.box = "centos/7"
+ # Disable automatic box update checking. If you disable this, then
+ # boxes will only be checked for updates when the user runs
+ # `vagrant box outdated`. This is not recommended.
+ # config.vm.box_check_update = false
+ config.vbguest.auto_update = true
+ # Create a forwarded port mapping which allows access to a specific port
+ # within the machine from a port on the host machine. In the example below,
+ # accessing "localhost:8080" will access port 80 on the guest machine.
+ # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+ # Create a private network, which allows host-only access to the machine
+ # using a specific IP.
+ # config.vm.network "private_network", ip: "192.168.0.115"
+ config.hostmanager.enabled = true
+ config.hostmanager.manage_host = true
+ config.hostmanager.ignore_private_ip = false
+ config.hostmanager.include_offline = true
+
+ # Create a public network, which generally matched to bridged network.
+ # Bridged networks make the machine appear as another physical device on
+ # your network.
+ config.vm.network "public_network"
+ config.vm.hostname = 'dev.app'
+ config.hostmanager.aliases = %w(dev.app.localdomain dev.app.local)
+ # Share an additional folder to the guest VM. The first argument is
+ # the path on the host to the actual folder. The second argument is
+ # the path on the guest to mount the folder. And the optional third
+ # argument is a set of non-required options.
+ config.vm.synced_folder "./data", "/data"
+
+ # Provider-specific configuration so you can fine-tune various
+ # backing providers for Vagrant. These expose provider-specific options.
+ # Example for VirtualBox:
+ #
+ config.vm.provider "virtualbox" do |vb|
+ # # Display the VirtualBox GUI when booting the machine
+ # vb.gui = false
+ #
+ # # Customize the amount of memory on the VM:
+ vb.memory = "1024"
+ end
+ #
+ # View the documentation for the provider you are using for more
+ # information on available options.
+
+ # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies
+ # such as FTP and Heroku are also available. See the documentation at
+ # https://docs.vagrantup.com/v2/push/atlas.html for more information.
+ # config.push.define "atlas" do |push|
+ # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME"
+ # end
+
+ # Enable provisioning with a shell script. Additional provisioners such as
+ # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+ # documentation for more information about their specific syntax and use.
+ config.vm.provision "shell", inline: <<-SHELL
+ sudo yum -y update
+ echo "secret" | sudo passwd --stdin root
+ sudo cp -pr ~vagrant/.ssh /root
+ sudo chown -R root.root /root/.ssh
+ sudo yum -y install git python
+ sudo pip install --upgrade pip
+ if [ ! -d "/data/MySQLTuner-perl" ]; then
+ cd /data
+ sudo git clone https://github.com/major/MySQLTuner-perl.git
+ fi
+
+ echo "# MariaDB 10.1 Fedora repository list - created 2016-01-25 13:11 UTC
+# http://mariadb.org/mariadb/repositories/
+[mariadb]
+name = MariaDB
+baseurl = http://yum.mariadb.org/10.3/fedora23-amd64
+gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
+gpgcheck=1" >> /etc/yum.repos.d/mariadb.repo
+ sudo yum -y install perl-WWW-Mechanize-GZip perl-App-cpanminus perl-List-MoreUtils
+ sudo cpanm install File::Util
+
+ sudo yum -y install MariaDB-server MariaDB-client wget
+ sudo systemctl start mariadb.service
+ mysql -e 'select version();'
+ cd /data
+ sudo wget "https://launchpad.net/test-db/employees-db-1/1.0.6/+download/employees_db-full-1.0.6.tar.bz2"
+ sudo tar xvjf employees_db-full-1.0.6.tar.bz2
+ cd employees_db
+ cat employees.sql | mysql
+ cd ..
+ cd MySQLTuner-perl
+ perl mysqltuner.pl --idxstat --dbstat
+ SHELL
+ config.vm.provision :hostmanager
+end
diff --git a/Vagrant/prepare.sh b/Vagrant/prepare.sh
index ce5410b..1c44623 100644
--- a/Vagrant/prepare.sh
+++ b/Vagrant/prepare.sh
@@ -4,5 +4,5 @@ cp Vagrantfile_for_MariaDB10.0 Vagrantfile
mkdir data
vagrant plugin install vagrant-hostmanager
vagrant plugin install vagrant-vbguest
-vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
-vagrant up
+vagrant plugin install vagrant-proxyconf
+vagrant --provision up
diff --git a/build/deployOn b/build/deployOn
new file mode 100755
index 0000000..29cff83
--- /dev/null
+++ b/build/deployOn
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -xv
+
+_DIR=$(dirname `readlink -f $0`)
+
+
+ssh $1 mkdir /images/mysqltuner
+rsync -avz ${_DIR}/.. $1:/images/mysqltuner
+
+if [ "$2" = "run" ];then
+ ssh $1 "su - mysql -c 'cd /images/mysqltuner; source /opt/mysql/myqenv myserver1;perl mysqltuner.pl --verbose --color'"
+fi
diff --git a/build/updateCVElist.pl b/build/updateCVElist.pl
index 535d26a..1c2d21b 100644
--- a/build/updateCVElist.pl
+++ b/build/updateCVElist.pl
@@ -5,7 +5,7 @@ use WWW::Mechanize::GZip;
use File::Util;
use Data::Dumper;
use List::MoreUtils qw(uniq);
-my $verbose;
+my $verbose=1;
sub AUTOLOAD {
use vars qw($AUTOLOAD);
my $cmd = $AUTOLOAD;
@@ -40,17 +40,18 @@ $mech->add_handler("response_redirect" => sub { print '#'x80,"\nREDIRECT RESPONS
my $url = 'http://cve.mitre.org/data/downloads/allitems.csv';
my $resp;
-unlink ('cve.csv') if (-f 'cve.csv');
+unless (-f 'cve.csv') {
+ $resp=$mech->get($url);
+ $mech->save_content( "cve.csv" );
+}
+my $f=File::Util->new( readlimit => 152428800);
+File::Util->flock_rules( qw/ IGNORE/ );
-$resp=$mech->get($url);
-$mech->save_content( "cve.csv" );
-
-my $f=File::Util->new('readlimit' => 100000000, 'use_flock'=>'false');
-my(@lines) = $f->load_file('cve.csv', '--as-lines');
my @versions;
my $temp;
unlink '../vulnerabilities.csv' if -f '../vulnerabilities.csv';
-foreach my $line (@lines) {
+open(CVE, 'cve.csv') or die("Could not open file.");
+foreach my $line () {
if ($line =~ /(mysql|mariadb)/i
and $line =~ /server/i
and $line =~ /CANDIDATE/i
@@ -64,13 +65,15 @@ foreach my $line (@lines) {
foreach my $vers (uniq(@versions)) {
my @nb=split('\.', $vers);
+ $nb[2]-- if ($line =~ /before/i);
#print $vers."\n".Dumper @nb;
- #exit 0;
- $f->write_file('file' => '../vulnerabilities.csv', 'content' => "$vers;$nb[0];$nb[1];$nb[2];$line\n", 'mode' => 'append');
+ #print "$line";
+ #exit 0 if ($line =~/before/i) ;
+ $f->write_file('file' => '../vulnerabilities.csv', 'content' => "$nb[0].$nb[1].$nb[2];$nb[0];$nb[1];$nb[2];$line", 'mode' => 'append');
}
}
}
-
-unlink ('cve.csv') if (-f 'cve.csv');
+close(CVE);
+#unlink ('cve.csv') if (-f 'cve.csv');
exit(0);
diff --git a/build/updateStaff.sh b/build/updateStaff.sh
new file mode 100644
index 0000000..00cf77b
--- /dev/null
+++ b/build/updateStaff.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+(cd ..
+echo "* GENERATING USAGE FILE"
+pod2markdown mysqltuner.pl >USAGE.md
+echo "* TIDYFY SCRIPT"
+perltidy -b mysqltuner.pl
+)
+echo "* Update CVE list"
+perl updateCVElist.pl
+
+git add ../vulnerabilities.csv ../mysqltuner.pl ./USAGE.md
+git commit -m 'Update Vulnerabilities list
+Indenting mysqltuner
+Update Usage information'
\ No newline at end of file
diff --git a/mysqltuner.pl b/mysqltuner.pl
index abb71ed..be2f5ba 100755
--- a/mysqltuner.pl
+++ b/mysqltuner.pl
@@ -1,7 +1,7 @@
#!/usr/bin/env perl
-# mysqltuner.pl - Version 1.7.0
+# mysqltuner.pl - Version 1.7.9
# High Performance MySQL Tuning Script
-# Copyright (C) 2006-2016 Major Hayden - major@mhtx.net
+# Copyright (C) 2006-2018 Major Hayden - major@mhtx.net
#
# For the latest updates, please visit http://mysqltuner.com/
# Git repository available at http://github.com/major/MySQLTuner-perl
@@ -31,6 +31,7 @@
# Simon Greenaway Adam Stein Isart Montane
# Baptiste M. Cole Turner Major Hayden
# Joe Ashcraft Jean-Marie Renouard Christian Loos
+# Julien Francoz
#
# Inspired by Matthew Montgomery's tuning-primer.sh script:
# http://forge.mysql.com/projects/view.php?id=44
@@ -44,6 +45,7 @@ use warnings;
use diagnostics;
use File::Spec;
use Getopt::Long;
+use Pod::Usage;
use File::Basename;
use Cwd 'abs_path';
@@ -54,7 +56,7 @@ $Data::Dumper::Pair = " : ";
#use Env;
# Set up a few variables for use in the script
-my $tunerversion = "1.7.0";
+my $tunerversion = "1.7.9";
my ( @adjvars, @generalrec );
# Set defaults
@@ -64,7 +66,8 @@ my %opt = (
"nogood" => 0,
"noinfo" => 0,
"debug" => 0,
- "nocolor" => 0,
+ "nocolor" => ( !-t STDOUT ),
+ "color" => 0,
"forcemem" => 0,
"forceswap" => 0,
"host" => 0,
@@ -73,6 +76,7 @@ my %opt = (
"user" => 0,
"pass" => 0,
"password" => 0,
+ "ssl-ca" => 0,
"skipsize" => 0,
"checkversion" => 0,
"updateversion" => 0,
@@ -96,94 +100,54 @@ my %opt = (
);
# Gather the options from the command line
-my $getOptionsCheck = GetOptions(
- \%opt, 'nobad',
- 'nogood', 'noinfo',
- 'debug', 'nocolor',
- 'forcemem=i', 'forceswap=i',
- 'host=s', 'socket=s',
- 'port=i', 'user=s',
- 'pass=s', 'skipsize',
- 'checkversion', 'mysqladmin=s',
- 'mysqlcmd=s', 'help',
- 'buffers', 'skippassword',
- 'passwordfile=s', 'outputfile=s',
- 'silent', 'dbstat',
- 'json', 'prettyjson',
- 'idxstat', 'noask',
- 'template=s', 'reportfile=s',
- 'cvefile=s', 'bannedports=s',
- 'updateversion', 'maxportallowed=s',
- 'verbose', 'sysstat',
- 'password=s', 'pfstat',
- 'passenv=s', 'userenv=s',
- 'defaults-file=s'
-);
+GetOptions(
+ \%opt, 'nobad',
+ 'nogood', 'noinfo',
+ 'debug', 'nocolor',
+ 'forcemem=i', 'forceswap=i',
+ 'host=s', 'socket=s',
+ 'port=i', 'user=s',
+ 'pass=s', 'skipsize',
+ 'checkversion', 'mysqladmin=s',
+ 'mysqlcmd=s', 'help',
+ 'buffers', 'skippassword',
+ 'passwordfile=s', 'outputfile=s',
+ 'silent', 'dbstat',
+ 'json', 'prettyjson',
+ 'idxstat', 'noask',
+ 'template=s', 'reportfile=s',
+ 'cvefile=s', 'bannedports=s',
+ 'updateversion', 'maxportallowed=s',
+ 'verbose', 'sysstat',
+ 'password=s', 'pfstat',
+ 'passenv=s', 'userenv=s',
+ 'defaults-file=s', 'ssl-ca=s',
+ 'color'
+ )
+ or pod2usage(
+ -exitval => 1,
+ -verbose => 99,
+ -sections => [
+ "NAME",
+ "IMPORTANT USAGE GUIDELINES",
+ "CONNECTION AND AUTHENTICATION",
+ "PERFORMANCE AND REPORTING OPTIONS",
+ "OUTPUT OPTIONS"
+ ]
+ );
-#If params are incorrect return help
-if ( $getOptionsCheck ne 1 ) {
- usage();
-}
-
-if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); }
-
-sub usage {
-
- # Shown with --help option passed
- print " MySQLTuner $tunerversion - MySQL High Performance Tuning Script\n"
- . " Bug reports, feature requests, and downloads at http://mysqltuner.com/\n"
- . " Maintained by Major Hayden (major\@mhtx.net) - Licensed under GPL\n"
- . "\n"
- . " Important Usage Guidelines:\n"
- . " To run the script with the default options, run the script without arguments\n"
- . " Allow MySQL server to run for at least 24-48 hours before trusting suggestions\n"
- . " Some routines may require root level privileges (script will provide warnings)\n"
- . " You must provide the remote server's total memory when connecting to other servers\n"
- . "\n"
- . " Connection and Authentication\n"
- . " --host Connect to a remote host to perform tests (default: localhost)\n"
- . " --socket Use a different socket for a local connection\n"
- . " --port Port to use for connection (default: 3306)\n"
- . " --user Username to use for authentication\n"
- . " --userenv Name of env variable which contains username to use for authentication\n"
- . " --pass Password to use for authentication\n"
- . " --passenv Name of env variable which contains password to use for authentication\n"
- . " --defaults-file Path to a custom .my.cnf\n"
- . " --mysqladmin Path to a custom mysqladmin executable\n"
- . " --mysqlcmd Path to a custom mysql executable\n" . "\n"
- . " --noask Don't ask password if needed\n" . "\n"
- . " Performance and Reporting Options\n"
- . " --skipsize Don't enumerate tables and their types/sizes (default: on)\n"
- . " (Recommended for servers with many tables)\n"
- . " --skippassword Don't perform checks on user passwords(default: off)\n"
- . " --checkversion Check for updates to MySQLTuner (default: don't check)\n"
- . " --updateversion Check for updates to MySQLTuner and update when newer version is available (default: don't check)\n"
- . " --forcemem Amount of RAM installed in megabytes\n"
- . " --forceswap Amount of swap memory configured in megabytes\n"
- . " --passwordfile Path to a password file list(one password by line)\n"
- . " Output Options:\n"
- . " --silent Don't output anything on screen\n"
- . " --nogood Remove OK responses\n"
- . " --nobad Remove negative/suggestion responses\n"
- . " --noinfo Remove informational responses\n"
- . " --debug Print debug information\n"
- . " --dbstat Print database information\n"
- . " --idxstat Print index information\n"
- . " --sysstat Print system information\n"
- . " --pfstat Print Performance schema information\n"
- . " --bannedports Ports banned separated by comma(,)\n"
- . " --maxportallowed Number of ports opened allowed on this hosts\n"
- . " --cvefile CVE File for vulnerability checks\n"
- . " --nocolor Don't print output in color\n"
- . " --json Print result as JSON string\n"
- . " --prettyjson Print result as human readable JSON\n"
- . " --buffers Print global and per-thread buffer values\n"
- . " --outputfile Path to a output txt file\n" . "\n"
- . " --reportfile Path to a report txt file\n" . "\n"
- . " --template Path to a template file\n" . "\n"
- . " --verbose Prints out all options (default: no verbose) \n"
- . "\n";
- exit 0;
+if ( defined $opt{'help'} && $opt{'help'} == 1 ) {
+ pod2usage(
+ -exitval => 0,
+ -verbose => 99,
+ -sections => [
+ "NAME",
+ "IMPORTANT USAGE GUIDELINES",
+ "CONNECTION AND AUTHENTICATION",
+ "PERFORMANCE AND REPORTING OPTIONS",
+ "OUTPUT OPTIONS"
+ ]
+ );
}
my $devnull = File::Spec->devnull();
@@ -193,12 +157,12 @@ my $basic_password_files =
: abs_path( $opt{passwordfile} );
# Username from envvar
-if (exists $opt{userenv} && exists $ENV{ $opt{userenv} }) {
+if ( exists $opt{userenv} && exists $ENV{ $opt{userenv} } ) {
$opt{user} = $ENV{ $opt{userenv} };
}
# Related to password option
-if (exists $opt{passenv} && exists $ENV{ $opt{passenv} }) {
+if ( exists $opt{passenv} && exists $ENV{ $opt{passenv} } ) {
$opt{pass} = $ENV{ $opt{passenv} };
}
$opt{pass} = $opt{password} if ( $opt{pass} eq 0 and $opt{password} ne 0 );
@@ -236,6 +200,9 @@ open( $fh, '>', $outputfile )
or die("Fail opening $outputfile")
if defined($outputfile);
$opt{nocolor} = 1 if defined($outputfile);
+$opt{nocolor} = 1 unless ( -t STDOUT );
+
+$opt{nocolor} = 0 if ( $opt{color} == 1 );
# Setting up the colors for the print styles
my $me = `whoami`;
@@ -299,9 +266,19 @@ sub infoprinthcmd {
infoprintcmd "$_[1]";
}
+# Calculates the number of phyiscal cores considering HyperThreading
+sub cpu_cores {
+ my $cntCPU =
+`awk -F: '/^core id/ && !P[\$2] { CORES++; P[\$2]=1 }; /^physical id/ && !N[\$2] { CPUs++; N[\$2]=1 }; END { print CPUs*CORES }' /proc/cpuinfo`;
+ return ( $cntCPU == 0 ? `nproc` : $cntCPU );
+}
+
# Calculates the parameter passed in bytes, then rounds it to one decimal place
sub hr_bytes {
my $num = shift;
+ return "0B" unless defined($num);
+ return "0B" if $num eq "NULL";
+
if ( $num >= ( 1024**3 ) ) { #GB
return sprintf( "%.1f", ( $num / ( 1024**3 ) ) ) . "G";
}
@@ -316,13 +293,32 @@ sub hr_bytes {
}
}
+sub hr_raw {
+ my $num = shift;
+ return "0" unless defined($num);
+ return "0" if $num eq "NULL";
+ if ( $num =~ /^(\d+)G$/ ) {
+ return $1 * 1024 * 1024 * 1024;
+ }
+ if ( $num =~ /^(\d+)M$/ ) {
+ return $1 * 1024 * 1024;
+ }
+ if ( $num =~ /^(\d+)K$/ ) {
+ return $1 * 1024;
+ }
+ if ( $num =~ /^(\d+)$/ ) {
+ return $1;
+ }
+ return $num;
+}
+
# Calculates the parameter passed in bytes, then rounds it to the nearest integer
sub hr_bytes_rnd {
my $num = shift;
- return "0B" unless defined($num) ;
- return "0B" if $num eq "NULL" ;
-
- if ( $num >= ( 1024**3 ) ) { #GB
+ return "0B" unless defined($num);
+ return "0B" if $num eq "NULL";
+
+ if ( $num >= ( 1024**3 ) ) { #GB
return int( ( $num / ( 1024**3 ) ) ) . "G";
}
elsif ( $num >= ( 1024**2 ) ) { #MB
@@ -515,9 +511,9 @@ sub validate_tuner_version {
debugprint "$httpcli is available.";
debugprint
-"$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2";
+"$httpcli -m 3 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2";
$update =
-`$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2`;
+`$httpcli -m 3 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2`;
chomp($update);
debugprint "VERSION: $update";
@@ -529,15 +525,18 @@ sub validate_tuner_version {
debugprint "$httpcli is available.";
debugprint
-"$httpcli -e timestamping=off -t 1 -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2";
+"$httpcli -e timestamping=off -t 1 -T 3 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2";
$update =
-`$httpcli -e timestamping=off -t 1 -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`;
+`$httpcli -e timestamping=off -t 1 -T 3 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`;
chomp($update);
compare_tuner_version($update);
return;
}
debugprint "curl and wget are not available.";
infoprint "Unable to check for the latest MySQLTuner version";
+ infoprint
+"Using --pass and --password option is insecure during MySQLTuner execution(Password disclosure)"
+ if ( defined( $opt{'pass'} ) );
}
# Checks for updates to MySQLTuner
@@ -548,7 +547,6 @@ sub update_tuner_version {
return;
}
- #use Cwd;
my $update;
my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/";
my @scripts =
@@ -563,9 +561,9 @@ sub update_tuner_version {
debugprint "$httpcli is available.";
debugprint
- "$httpcli --connect-timeout 5 '$url$script' 2>$devnull > $script";
+ "$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $script";
$update =
- `$httpcli --connect-timeout 5 '$url$script' 2>$devnull > $script`;
+ `$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $script`;
chomp($update);
debugprint "$script updated: $update";
@@ -582,9 +580,9 @@ sub update_tuner_version {
debugprint "$httpcli is available.";
debugprint
- "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'";
+"$httpcli -qe timestamping=off -t 1 -T 3 -O $script '$url$script'";
$update =
- `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`;
+`$httpcli -qe timestamping=off -t 1 -T 3 -O $script '$url$script'`;
chomp($update);
if ( -s $script eq 0 ) {
@@ -619,7 +617,7 @@ sub compare_tuner_version {
#exit 0;
if ( $remoteversion ne $tunerversion ) {
badprint
- "There is a new version of MySQLTuner available ($remoteversion)";
+ "There is a new version of MySQLTuner available($remoteversion)";
update_tuner_version();
return;
}
@@ -686,6 +684,7 @@ sub mysql_setup {
debugprint "MySQL Client: $mysqlcmd";
$opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port};
+
# Are we being asked to connect via a socket?
if ( $opt{socket} ne 0 ) {
$remotestring = " -S $opt{socket} -P $opt{port}";
@@ -709,6 +708,23 @@ sub mysql_setup {
$doremote = 1;
}
}
+ else {
+ $opt{host} = '127.0.0.1';
+ }
+
+ if ( $opt{'ssl-ca'} ne 0 ) {
+ if ( -e -r -f $opt{'ssl-ca'} ) {
+ $remotestring .= " --ssl-ca=$opt{'ssl-ca'}";
+ infoprint
+ "Will connect using ssl public key passed on the command line";
+ return 1;
+ }
+ else {
+ badprint
+"Attempted to use passed ssl public key, but it was not found or could not be read";
+ exit 1;
+ }
+ }
# Did we already get a username without password on the command line?
if ( $opt{user} ne 0 and $opt{pass} eq 0 ) {
@@ -805,7 +821,10 @@ sub mysql_setup {
exit 1;
}
}
- elsif ( -r "/etc/mysql/debian.cnf" and $doremote == 0 ) {
+ elsif ( -r "/etc/mysql/debian.cnf"
+ and $doremote == 0
+ and $opt{'defaults-file'} eq '' )
+ {
# We have a debian maintenance account, use it
$mysqllogin = "--defaults-file=/etc/mysql/debian.cnf";
@@ -816,12 +835,12 @@ sub mysql_setup {
return 1;
}
else {
- badprint
-"Attempted to use login credentials from debian maintenance account, but they failed.";
+ badprint "Attempted to use login credentials from debian maintena
+nce account, but they failed.";
exit 1;
}
}
- elsif ( $opt{'defaults-file'} ne 0 and -r "$opt{'defaults-file'}" ) {
+ elsif ( $opt{'defaults-file'} ne '' and -r "$opt{'defaults-file'}" ) {
# defaults-file
debugprint "defaults file detected: $opt{'defaults-file'}";
@@ -836,6 +855,7 @@ sub mysql_setup {
}
}
else {
+
# It's not Plesk or debian, we should try a login
debugprint "$mysqladmincmd $remotestring ping 2>&1";
my $loginstatus = `$mysqladmincmd $remotestring ping 2>&1`;
@@ -915,6 +935,7 @@ sub mysql_setup {
exit 1;
}
}
+
}
# MySQL Request Array
@@ -955,6 +976,38 @@ sub select_one {
return $result;
}
+# MySQL Request one
+sub select_one_g {
+ my $pattern = shift;
+
+ my $req = shift;
+ debugprint "PERFORM: $req ";
+ my @result = `$mysqlcmd $mysqllogin -re "\\w$req\\G" 2>>/dev/null`;
+ if ( $? != 0 ) {
+ badprint "failed to execute: $req";
+ badprint "FAIL Execute SQL / return code: $?";
+ debugprint "CMD : $mysqlcmd";
+ debugprint "OPTIONS: $mysqllogin";
+ debugprint `$mysqlcmd $mysqllogin -Bse "$req" 2>&1`;
+
+ #exit $?;
+ }
+ debugprint "select_array: return code : $?";
+ chomp(@result);
+ return ( grep { /$pattern/ } @result )[0];
+}
+
+sub select_str_g {
+ my $pattern = shift;
+
+ my $req = shift;
+ my $str = select_one_g $pattern, $req;
+ return () unless defined $str;
+ my @val = split /:/, $str;
+ shift @val;
+ return trim(@val);
+}
+
sub get_tuning_info {
my @infoconn = select_array "\\s";
my ( $tkey, $tval );
@@ -1031,7 +1084,8 @@ sub get_all_vars {
# Support GTID MODE FOR MARIADB
# Issue MariaDB GTID mode #272
- $myvar{'gtid_mode'}=$myvar{'gtid_strict_mode'} if (defined($myvar{'gtid_strict_mode'}));
+ $myvar{'gtid_mode'} = $myvar{'gtid_strict_mode'}
+ if ( defined( $myvar{'gtid_strict_mode'} ) );
$myvar{'have_threadpool'} = "NO";
if ( defined( $myvar{'thread_pool_size'} )
@@ -1088,8 +1142,9 @@ sub remove_empty {
sub grep_file_contents {
my $file = shift;
- my $patt
+ my $patt;
}
+
sub get_file_contents {
my $file = shift;
open( my $fh, "<", $file ) or die "Can't open $file for read: $!";
@@ -1103,87 +1158,124 @@ sub get_basic_passwords {
return get_file_contents(shift);
}
-sub log_file_recommandations {
+sub get_log_file_real_path {
+ my $file = shift;
+ my $hostname = shift;
+ my $datadir = shift;
+ if ( -f "$file" ) {
+ return $file;
+ }
+ elsif ( -f "$hostname.err" ) {
+ return "$hostname.err";
+ }
+ elsif ( $datadir ne "" ) {
+ return "$datadir$hostname.err";
+ }
+ else {
+ return $file;
+ }
+}
+
+sub log_file_recommendations {
+ $myvar{'log_error'} =
+ get_log_file_real_path( $myvar{'log_error'}, $myvar{'hostname'},
+ $myvar{'datadir'} );
subheaderprint "Log file Recommendations";
- infoprint "Log file: " . $myvar{'log_error'}. "(".hr_bytes_rnd((stat $myvar{'log_error'})[7]).")";
- if ( -f "$myvar{'log_error'}" ) {
- goodprint "Log file $myvar{'log_error'} exists";
- } else {
- badprint "Log file $myvar{'log_error'} doesn't exist";
- }
+ infoprint "Log file: "
+ . $myvar{'log_error'} . "("
+ . hr_bytes_rnd( ( stat $myvar{'log_error'} )[7] ) . ")";
+ if ( -f "$myvar{'log_error'}" ) {
+ goodprint "Log file $myvar{'log_error'} exists";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} doesn't exist";
+ }
if ( -r "$myvar{'log_error'}" ) {
goodprint "Log file $myvar{'log_error'} is readable.";
- } else {
+ }
+ else {
badprint "Log file $myvar{'log_error'} isn't readable.";
return;
}
- if ( (stat $myvar{'log_error'})[7] > 0 ) {
- goodprint "Log file $myvar{'log_error'} is not empty";
- } else {
- badprint "Log file $myvar{'log_error'} is empty";
- }
-
- if ( (stat $myvar{'log_error'})[7] < 32*1024*1024 ) {
- goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb";
- } else {
- badprint "Log file $myvar{'log_error'} is bigger than 32 Mb";
- push @generalrec,
- $myvar{'log_error'} ."is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!" ;
- }
-
- my @log_content = get_file_contents($myvar{'log_error'});
-
- my $numLi = 0;
+ if ( ( stat $myvar{'log_error'} )[7] > 0 ) {
+ goodprint "Log file $myvar{'log_error'} is not empty";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} is empty";
+ }
+
+ if ( ( stat $myvar{'log_error'} )[7] < 32 * 1024 * 1024 ) {
+ goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} is bigger than 32 Mb";
+ push @generalrec,
+ $myvar{'log_error'}
+ . " is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!";
+ }
+
+ my $numLi = 0;
my $nbWarnLog = 0;
- my $nbErrLog = 0;
+ my $nbErrLog = 0;
my @lastShutdowns;
my @lastStarts;
- foreach my $logLi ( @log_content ) {
- $numLi++;
- debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i;
- $nbErrLog++ if $logLi =~ /error/i;
- $nbWarnLog++ if $logLi =~ /warning/i;
- push @lastShutdowns, $logLi if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i;
- push @lastStarts, $logLi if $logLi =~ /ready for connections/;
+
+ open( my $fh, '<', $myvar{'log_error'} )
+ or die "Can't open $myvar{'log_error'} for read: $!";
+
+ while ( my $logLi = <$fh> ) {
+ chomp $logLi;
+ $numLi++;
+ debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i;
+ $nbErrLog++ if $logLi =~ /error/i;
+ $nbWarnLog++ if $logLi =~ /warning/i;
+ push @lastShutdowns, $logLi
+ if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i;
+ push @lastStarts, $logLi if $logLi =~ /ready for connections/;
}
+ close $fh;
+
if ( $nbWarnLog > 0 ) {
- badprint "$myvar{'log_error'} contains $nbWarnLog warning(s).";
- push @generalrec, "Control warning line(s) into $myvar{'log_error'} file";
- } else {
- goodprint "$myvar{'log_error'} doesn't contain any warning.";
+ badprint "$myvar{'log_error'} contains $nbWarnLog warning(s).";
+ push @generalrec,
+ "Control warning line(s) into $myvar{'log_error'} file";
+ }
+ else {
+ goodprint "$myvar{'log_error'} doesn't contain any warning.";
}
if ( $nbErrLog > 0 ) {
- badprint "$myvar{'log_error'} contains $nbErrLog error(s).";
- push @generalrec, "Control error line(s) into $myvar{'log_error'} file";
- } else {
- goodprint "$myvar{'log_error'} doesn't contain any error.";
+ badprint "$myvar{'log_error'} contains $nbErrLog error(s).";
+ push @generalrec, "Control error line(s) into $myvar{'log_error'} file";
}
-
+ else {
+ goodprint "$myvar{'log_error'} doesn't contain any error.";
+ }
+
infoprint scalar @lastStarts . " start(s) detected in $myvar{'log_error'}";
my $nStart = 0;
- my $nEnd = 10;
+ my $nEnd = 10;
if ( scalar @lastStarts < $nEnd ) {
$nEnd = scalar @lastStarts;
}
- for my $startd ( reverse @lastStarts[-$nEnd..-1] ) {
+ for my $startd ( reverse @lastStarts[ -$nEnd .. -1 ] ) {
$nStart++;
infoprint "$nStart) $startd";
}
- infoprint scalar @lastShutdowns . " shutdown(s) detected in $myvar{'log_error'}";
- $nStart=0;
- $nEnd=10;
+ infoprint scalar @lastShutdowns
+ . " shutdown(s) detected in $myvar{'log_error'}";
+ $nStart = 0;
+ $nEnd = 10;
if ( scalar @lastShutdowns < $nEnd ) {
- $nEnd = scalar @lastShutdowns;
+ $nEnd = scalar @lastShutdowns;
}
- for my $shutd ( reverse @lastShutdowns[-$nEnd..-1] ) {
- $nStart++;
- infoprint "$nStart) $shutd";
+ for my $shutd ( reverse @lastShutdowns[ -$nEnd .. -1 ] ) {
+ $nStart++;
+ infoprint "$nStart) $shutd";
}
- #exit 0;
+
+ #exit 0;
}
-
-
sub cve_recommendations {
subheaderprint "CVE Security Recommendations";
unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) {
@@ -1191,6 +1283,9 @@ sub cve_recommendations {
return;
}
+#$mysqlvermajor=10;
+#$mysqlverminor=1;
+#$mysqlvermicro=17;
#prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}";
my $cvefound = 0;
open( my $fh, "<", $opt{cvefile} )
@@ -1284,10 +1379,10 @@ sub get_other_process_memory {
sub get_os_release {
if ( -f "/etc/lsb-release" ) {
my @info_release = get_file_contents "/etc/lsb-release";
- my $os_relase = $info_release[3];
- $os_relase =~ s/.*="//;
- $os_relase =~ s/"$//;
- return $os_relase;
+ my $os_release = $info_release[3];
+ $os_release =~ s/.*="//;
+ $os_release =~ s/"$//;
+ return $os_release;
}
if ( -f "/etc/system-release" ) {
@@ -1297,22 +1392,22 @@ sub get_os_release {
if ( -f "/etc/os-release" ) {
my @info_release = get_file_contents "/etc/os-release";
- my $os_relase = $info_release[0];
- $os_relase =~ s/.*="//;
- $os_relase =~ s/"$//;
- return $os_relase;
+ my $os_release = $info_release[0];
+ $os_release =~ s/.*="//;
+ $os_release =~ s/"$//;
+ return $os_release;
}
if ( -f "/etc/issue" ) {
my @info_release = get_file_contents "/etc/issue";
- my $os_relase = $info_release[0];
- $os_relase =~ s/\s+\\n.*//;
- return $os_relase;
+ my $os_release = $info_release[0];
+ $os_release =~ s/\s+\\n.*//;
+ return $os_release;
}
return "Unknown OS release";
}
-sub get_fs_info() {
+sub get_fs_info {
my @sinfo = `df -P | grep '%'`;
my @iinfo = `df -Pi| grep '%'`;
shift @iinfo;
@@ -1370,7 +1465,7 @@ sub merge_hash {
return \%result;
}
-sub is_virtual_machine() {
+sub is_virtual_machine {
my $isVm = `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`;
return ( $isVm == 0 ? 0 : 1 );
}
@@ -1402,7 +1497,7 @@ sub infocmd_one {
return join ', ', @result;
}
-sub get_kernel_info() {
+sub get_kernel_info {
my @params = (
'fs.aio-max-nr', 'fs.aio-nr',
'fs.file-max', 'sunrpc.tcp_fin_timeout',
@@ -1418,7 +1513,8 @@ sub get_kernel_info() {
badprint
"Swappiness is > 10, please consider having a value lower than 10";
push @generalrec, "setup swappiness lower or equals to 10";
- push @adjvars, 'vm.swappiness <= 10 (echo 0 > /proc/sys/vm/swappiness)';
+ push @adjvars,
+ 'vm.swappiness <= 10 (echo 10 > /proc/sys/vm/swappiness)';
}
else {
infoprint "Swappiness is < 10.";
@@ -1453,7 +1549,7 @@ sub get_kernel_info() {
}
-sub get_system_info() {
+sub get_system_info {
$result{'OS'}{'Release'} = get_os_release();
infoprint get_os_release;
if (is_virtual_machine) {
@@ -1475,6 +1571,8 @@ sub get_system_info() {
else {
badprint "Internet : Disconnected";
}
+ $result{'OS'}{'NbCore'} = cpu_cores;
+ infoprint "Number of Core CPU : " . cpu_cores;
$result{'OS'}{'Type'} = `uname -o`;
infoprint "Operating System Type : " . infocmd_one "uname -o";
$result{'OS'}{'Kernel'} = `uname -r`;
@@ -1490,11 +1588,11 @@ sub get_system_info() {
my $ext_ip = "";
if ( $httpcli =~ /curl$/ ) {
- $ext_ip = infocmd_one "$httpcli ipecho.net/plain";
+ $ext_ip = infocmd_one "$httpcli -m 3 ipecho.net/plain";
}
elsif ( $httpcli =~ /wget$/ ) {
- $ext_ip = infocmd_one "$httpcli -q -O - ipecho.net/plain";
+ $ext_ip = infocmd_one "$httpcli -t 1 -T 3 -q -O - ipecho.net/plain";
}
infoprint "External IP : " . $ext_ip;
$result{'Network'}{'External Ip'} = $ext_ip;
@@ -1598,8 +1696,9 @@ sub security_recommendations {
}
my $PASS_COLUMN_NAME = 'password';
- if ( $myvar{'version'} =~ /5.7/ ) {
- $PASS_COLUMN_NAME = 'authentication_string';
+ if ( $myvar{'version'} =~ /5\.7|10\..*MariaDB*/ ) {
+ $PASS_COLUMN_NAME =
+"IF(plugin='mysql_native_password', authentication_string, 'password')";
}
debugprint "Password column = $PASS_COLUMN_NAME";
@@ -1631,7 +1730,7 @@ sub security_recommendations {
# Looking for Empty Password
if ( mysql_version_ge( 5, 5 ) ) {
@mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')";
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket', 'auth_pam_compat')";
}
else {
@mysqlstatlist = select_array
@@ -1697,7 +1796,7 @@ sub security_recommendations {
my $nbins = 0;
my $passreq;
if (@passwords) {
- my $nbInterPass=0;
+ my $nbInterPass = 0;
foreach my $pass (@passwords) {
$nbInterPass++;
@@ -1727,7 +1826,8 @@ sub security_recommendations {
$nbins++;
}
}
- debugprint "$nbInterPass / ".scalar(@passwords) if ($nbInterPass %1000 ==0);
+ debugprint "$nbInterPass / " . scalar(@passwords)
+ if ( $nbInterPass % 1000 == 0 );
}
}
if ( $nbins > 0 ) {
@@ -1746,15 +1846,30 @@ sub get_replication_status {
. scalar( keys %myslaves )
. " server(s).";
}
-
+ infoprint "Binlog format: " . $myvar{'binlog_format'};
+ infoprint "XA support enabled: " . $myvar{'innodb_support_xa'};
+ infoprint "Semi synchronous replication Master: "
+ . (
+ defined( $myvar{'rpl_semi_sync_master_enabled'} )
+ ? $myvar{'rpl_semi_sync_master_enabled'}
+ : 'Not Activated'
+ );
+ infoprint "Semi synchronous replication Slave: "
+ . (
+ defined( $myvar{'rpl_semi_sync_slave_enabled'} )
+ ? $myvar{'rpl_semi_sync_slave_enabled'}
+ : 'Not Activated'
+ );
if ( scalar( keys %myrepl ) == 0 and scalar( keys %myslaves ) == 0 ) {
- infoprint "This is a standalone server.";
+ infoprint "This is a standalone server";
return;
}
if ( scalar( keys %myrepl ) == 0 ) {
- infoprint "No replication setup for this server.";
+ infoprint
+ "No replication setup for this server or replication not started.";
return;
}
+
$result{'Replication'}{'status'} = \%myrepl;
my ($io_running) = $myrepl{'Slave_IO_Running'};
debugprint "IO RUNNING: $io_running ";
@@ -1770,7 +1885,7 @@ sub get_replication_status {
"This replication slave is not running but seems to be configured.";
}
if ( defined($io_running)
- && $io_running =~ /yes/i
+ && $io_running =~ /yes/i
&& $sql_running =~ /yes/i )
{
if ( $myvar{'read_only'} eq 'OFF' ) {
@@ -1813,6 +1928,16 @@ sub validate_mysql_version {
}
}
+# Checks if MySQL version is equal to (major, minor, micro)
+sub mysql_version_eq {
+ my ( $maj, $min, $mic ) = @_;
+ $min ||= 0;
+ $mic ||= 0;
+ return ( int($mysqlvermajor) == int($maj)
+ && int($mysqlverminor) == int($min)
+ && int($mysqlvermicro) == int($mic) );
+}
+
# Checks if MySQL version is greater than equal to (major, minor, micro)
sub mysql_version_ge {
my ( $maj, $min, $mic ) = @_;
@@ -1821,7 +1946,8 @@ sub mysql_version_ge {
return
int($mysqlvermajor) > int($maj)
|| ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) > int($min) )
- || ( int($mysqlverminor) == int($min)
+ || ( int($mysqlvermajor) == int($maj)
+ && int($mysqlverminor) == int($min)
&& int($mysqlvermicro) >= int($mic) );
}
@@ -1833,7 +1959,8 @@ sub mysql_version_le {
return
int($mysqlvermajor) < int($maj)
|| ( int($mysqlvermajor) == int($maj) && int($mysqlverminor) < int($min) )
- || ( int($mysqlverminor) == int($min)
+ || ( int($mysqlvermajor) == int($maj)
+ && int($mysqlverminor) == int($min)
&& int($mysqlvermicro) <= int($mic) );
}
@@ -1993,7 +2120,8 @@ sub check_storage_engines {
my $not_innodb = '';
if ( not defined $result{'Variables'}{'innodb_file_per_table'} ) {
$not_innodb = "AND NOT ENGINE='InnoDB'";
- } elsif ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) {
+ }
+ elsif ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) {
$not_innodb = "AND NOT ENGINE='InnoDB'";
}
$result{'Tables'}{'Fragmented tables'} =
@@ -2035,7 +2163,7 @@ sub check_storage_engines {
debugprint "Data dump " . Dumper(@$tbl);
my ( $engine, $size, $datafree ) = @$tbl;
next if $engine eq 'NULL';
- $size = 0 if $size eq 'NULL';
+ $size = 0 if $size eq 'NULL';
$datafree = 0 if $datafree eq 'NULL';
if ( defined $enginestats{$engine} ) {
$enginestats{$engine} += $size;
@@ -2091,12 +2219,14 @@ sub check_storage_engines {
"Run OPTIMIZE TABLE to defragment tables for better performance" );
my $total_free = 0;
foreach my $table_line ( @{ $result{'Tables'}{'Fragmented tables'} } ) {
- my ( $table_name, $data_free ) = split( /\s+/, $table_line );
+ my ( $full_table_name, $data_free ) = split( /\s+/, $table_line );
$data_free = 0 if ( !defined($data_free) or $data_free eq '' );
$data_free = $data_free / 1024 / 1024;
$total_free += $data_free;
+ my ( $table_schema, $table_name ) = split( /\./, $full_table_name );
push( @generalrec,
- " OPTIMIZE TABLE $table_name; -- can free $data_free MB" );
+" OPTIMIZE TABLE `$table_schema`.`$table_name`; -- can free $data_free MB"
+ );
}
push( @generalrec,
"Total freed space after theses OPTIMIZE TABLE : $total_free Mb" );
@@ -2272,7 +2402,7 @@ sub calculations {
$myvar{'key_cache_block_size'}
) / $myvar{'key_buffer_size'}
)
- ) * 100
+ ) * 100
);
}
else {
@@ -2313,14 +2443,8 @@ sub calculations {
}
if ( $mystat{'Key_write_requests'} > 0 ) {
- $mycalc{'pct_wkeys_from_mem'} = sprintf(
- "%.1f",
- (
- 100 - (
- ( $mystat{'Key_writes'} / $mystat{'Key_write_requests'} ) *
- 100
- )
- )
+ $mycalc{'pct_wkeys_from_mem'} = sprintf( "%.1f",
+ ( ( $mystat{'Key_writes'} / $mystat{'Key_write_requests'} ) * 100 )
);
}
else {
@@ -2365,14 +2489,14 @@ sub calculations {
(
$mystat{'Qcache_hits'} /
( $mystat{'Com_select'} + $mystat{'Qcache_hits'} )
- ) * 100
+ ) * 100
);
if ( $myvar{'query_cache_size'} ) {
$mycalc{'pct_query_cache_used'} = sprintf(
"%.1f",
100 - (
$mystat{'Qcache_free_memory'} / $myvar{'query_cache_size'}
- ) * 100
+ ) * 100
);
}
if ( $mystat{'Qcache_lowmem_prunes'} == 0 ) {
@@ -2478,11 +2602,12 @@ sub calculations {
# InnoDB
if ( $myvar{'have_innodb'} eq "YES" ) {
$mycalc{'innodb_log_size_pct'} =
- ( $myvar{'innodb_log_file_size'} *$myvar{'innodb_log_files_in_group'} * 100 /
+ ( $myvar{'innodb_log_file_size'} *
+ $myvar{'innodb_log_files_in_group'} * 100 /
$myvar{'innodb_buffer_pool_size'} );
}
- # InnoDB Buffer pool read cache effiency
+ # InnoDB Buffer pool read cache efficiency
(
$mystat{'Innodb_buffer_pool_read_requests'},
$mystat{'Innodb_buffer_pool_reads'}
@@ -2502,7 +2627,7 @@ sub calculations {
debugprint "Innodb_buffer_pool_read_requests: "
. $mystat{'Innodb_buffer_pool_read_requests'} . "";
- # InnoDB log write cache effiency
+ # InnoDB log write cache efficiency
( $mystat{'Innodb_log_write_requests'}, $mystat{'Innodb_log_writes'} ) =
( 1, 1 )
unless defined $mystat{'Innodb_log_writes'};
@@ -2596,7 +2721,7 @@ sub mysql_stats {
if ( defined $myvar{'query_cache_type'} ) {
infoprint "Query Cache Buffers";
- infoprint " +-- Query Cache: "
+ infoprint " +-- Query Cache: "
. $myvar{'query_cache_type'} . " - "
. (
$myvar{'query_cache_type'} eq 0 |
@@ -2727,7 +2852,13 @@ sub mysql_stats {
}
# name resolution
- if ( not defined( $result{'Variables'}{'skip_name_resolve'} ) ) {
+ if ( defined( $result{'Variables'}{'skip_networking'} )
+ && $result{'Variables'}{'skip_networking'} eq 'ON' )
+ {
+ infoprint
+"Skipped name resolution test due to skip_networking=ON in system variables.";
+ }
+ elsif ( not defined( $result{'Variables'}{'skip_name_resolve'} ) ) {
infoprint
"Skipped name resolution test due to missing skip_name_resolve in system variables.";
}
@@ -2746,17 +2877,11 @@ sub mysql_stats {
push( @generalrec,
"Upgrade MySQL to version 4+ to utilize query caching" );
}
- elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) and $myvar{'query_cache_type'} eq "OFF" ) {
+ elsif ( $myvar{'query_cache_size'} < 1
+ and $myvar{'query_cache_type'} eq "OFF" )
+ {
goodprint
- "Query cache is disabled by default due to mutex contention on multiprocessor machines.";
- }
- elsif ( $myvar{'query_cache_size'} < 1 ) {
- badprint "Query cache is disabled";
- push( @adjvars, "query_cache_size (>= 8M)" );
- }
- elsif ( $myvar{'query_cache_type'} eq "OFF" ) {
- badprint "Query cache is disabled";
- push( @adjvars, "query_cache_type (=1)" );
+"Query cache is disabled by default due to mutex contention on multiprocessor machines.";
}
elsif ( $mystat{'Com_select'} == 0 ) {
badprint
@@ -2765,6 +2890,7 @@ sub mysql_stats {
else {
badprint
"Query cache may be disabled by default due to mutex contention.";
+ push( @adjvars, "query_cache_size (=0)" );
push( @adjvars, "query_cache_type (=0)" );
if ( $mycalc{'query_cache_efficiency'} < 20 ) {
badprint
@@ -2972,6 +3098,15 @@ sub mysql_stats {
. $table_cache_var
. " over 64: http://bit.ly/1mi7c4C" );
push( @generalrec,
+"This is MyISAM only table_cache scalability problem, InnoDB not affected."
+ );
+ push( @generalrec,
+ "See more details here: https://bugs.mysql.com/bug.php?id=49177"
+ );
+ push( @generalrec,
+"This bug already fixed in MySQL 5.7.9 and newer MySQL versions."
+ );
+ push( @generalrec,
"Beware that open_files_limit ("
. $myvar{'open_files_limit'}
. ") variable " );
@@ -3098,6 +3233,7 @@ sub mysql_myisam {
}
}
else {
+
# No queries have run that would use keys
debugprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% ("
. hr_num(
@@ -3157,6 +3293,7 @@ sub mysql_myisam {
}
}
else {
+
# No queries have run that would use keys
debugprint "Key buffer size / total MyISAM indexes: "
. hr_bytes( $myvar{'key_buffer_size'} ) . "/"
@@ -3181,6 +3318,7 @@ sub mysql_myisam {
}
}
else {
+
# No queries have run that would use keys
debugprint
"Write Key buffer hit rate: $mycalc{'pct_wkeys_from_mem'}% ("
@@ -3268,22 +3406,45 @@ sub mysqsl_pfs {
subheaderprint "Performance schema";
# Performance Schema
- unless ( defined( $myvar{'performance_schema'} )
- and $myvar{'performance_schema'} eq 'ON' )
- {
+ $myvar{'performance_schema'} = 'OFF'
+ unless defined( $myvar{'performance_schema'} );
+ unless ( $myvar{'performance_schema'} eq 'ON' ) {
infoprint "Performance schema is disabled.";
- return;
+ if ( mysql_version_ge( 5, 6 ) ) {
+ push( @generalrec,
+ "Performance should be activated for better diagnostics" );
+ push( @adjvars, "performance_schema = ON enable PFS" );
+ }
}
- infoprint "Performance schema is enabled.";
+ else {
+ if ( mysql_version_le( 5, 5 ) ) {
+ push( @generalrec,
+"Performance shouldn't be activated for MySQL and MariaDB 5.5 and lower version"
+ );
+ push( @adjvars, "performance_schema = OFF disable PFS" );
+ }
+ }
+ debugprint "Performance schema is " . $myvar{'performance_schema'};
infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() );
- unless ( grep /^sys$/, select_array("SHOW DATABASES") ) {
- infoprint "Sys schema isn't installed.";
+ if ( mysql_version_eq( 10, 0 ) ) {
+ push( @generalrec,
+"Performance shouldn't be activated for MariaDB 10.0 for performance issue"
+ );
+ push( @adjvars, "performance_schema = OFF disable PFS" );
return;
}
-
- infoprint "Sys schema is installed.";
- return if ( $opt{pfstat} == 0 );
+ unless ( grep /^sys$/, select_array("SHOW DATABASES") ) {
+ infoprint "Sys schema isn't installed.";
+ push( @generalrec,
+"Consider installing Sys schema from https://github.com/mysql/mysql-sys"
+ ) unless ( mysql_version_le( 5, 5 ) );
+ return;
+ }
+ else {
+ infoprint "Sys schema is installed.";
+ }
+ return if ( $opt{pfstat} == 0 or $myvar{'performance_schema'} ne 'ON' );
infoprint "Sys schema Version: "
. select_one("select sys_version from sys.version");
@@ -3300,7 +3461,7 @@ sub mysqsl_pfs {
infoprint " +-- $nbL: $lQuery conn(s)";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per statement
@@ -3315,7 +3476,7 @@ sub mysqsl_pfs {
infoprint " +-- $nbL: $lQuery stmt(s)";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per statement latency
@@ -3323,14 +3484,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, statement_avg_latency from sys.user_summary order by statement_avg_latency desc LIMIT 5'
+'select user, statement_avg_latency from sys.x\\$user_summary order by statement_avg_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per lock latency
@@ -3338,14 +3499,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, lock_latency from sys.user_summary_by_statement_latency order by lock_latency desc LIMIT 5'
+'select user, lock_latency from sys.x\\$user_summary_by_statement_latency order by lock_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per full scans
@@ -3353,14 +3514,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, full_scans from sys.user_summary_by_statement_latency order by full_scans desc LIMIT 5'
+'select user, full_scans from sys.x\\$user_summary_by_statement_latency order by full_scans desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per row_sent
@@ -3368,14 +3529,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, rows_sent from sys.user_summary_by_statement_latency order by rows_sent desc LIMIT 5'
+'select user, rows_sent from sys.x\\$user_summary_by_statement_latency order by rows_sent desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per row modified
@@ -3383,14 +3544,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, rows_affected from sys.user_summary_by_statement_latency order by rows_affected desc LIMIT 5'
+'select user, rows_affected from sys.x\\$user_summary_by_statement_latency order by rows_affected desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per io
@@ -3398,14 +3559,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, file_ios from sys.user_summary order by file_ios desc LIMIT 5'
+'select user, file_ios from sys.x\\$user_summary order by file_ios desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top user per io latency
@@ -3413,14 +3574,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select user, file_io_latency from sys.user_summary order by file_io_latency desc LIMIT 5'
+'select user, file_io_latency from sys.x\\$user_summary order by file_io_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per connection
@@ -3428,14 +3589,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5'
+'select host, total_connections from sys.x\\$host_summary order by total_connections desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery conn(s)";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per statement
@@ -3443,14 +3604,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, statements from sys.host_summary order by statements desc LIMIT 5'
+'select host, statements from sys.x\\$host_summary order by statements desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery stmt(s)";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per statement latency
@@ -3458,14 +3619,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, statement_avg_latency from sys.host_summary order by statement_avg_latency desc LIMIT 5'
+'select host, statement_avg_latency from sys.x\\$host_summary order by statement_avg_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per lock latency
@@ -3473,14 +3634,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, lock_latency from sys.host_summary_by_statement_latency order by lock_latency desc LIMIT 5'
+'select host, lock_latency from sys.x\\$host_summary_by_statement_latency order by lock_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per full scans
@@ -3488,14 +3649,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, full_scans from sys.host_summary_by_statement_latency order by full_scans desc LIMIT 5'
+'select host, full_scans from sys.x\\$host_summary_by_statement_latency order by full_scans desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per rows sent
@@ -3503,14 +3664,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, rows_sent from sys.host_summary_by_statement_latency order by rows_sent desc LIMIT 5'
+'select host, rows_sent from sys.x\\$host_summary_by_statement_latency order by rows_sent desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per rows modified
@@ -3518,14 +3679,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, rows_affected from sys.host_summary_by_statement_latency order by rows_affected desc LIMIT 5'
+'select host, rows_affected from sys.x\\$host_summary_by_statement_latency order by rows_affected desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per io
@@ -3533,14 +3694,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, file_ios from sys.host_summary order by file_ios desc LIMIT 5'
+'select host, file_ios from sys.x\\$host_summary order by file_ios desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top 5 host per io latency
@@ -3548,14 +3709,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, file_io_latency from sys.host_summary order by file_io_latency desc LIMIT 5'
+'select host, file_io_latency from sys.x\\$host_summary order by file_io_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top IO type order by total io
@@ -3563,14 +3724,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select substring(event_name,14), SUM(total)AS total from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;'
+'use sys;select substring(event_name,14), SUM(total)AS total from sys.x\\$host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery i/o";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top IO type order by total latency
@@ -3578,14 +3739,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select substring(event_name,14), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;'
+'select substring(event_name,14), ROUND(SUM(total_latency),1) AS total_latency from sys.x\\$host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top IO type order by max latency
@@ -3593,14 +3754,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;'
+'use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.x\\$host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top Stages order by total io
@@ -3608,14 +3769,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select substring(event_name,7), SUM(total)AS total from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;'
+'use sys;select substring(event_name,7), SUM(total)AS total from sys.x\\$host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery i/o";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top Stages order by total latency
@@ -3623,14 +3784,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select substring(event_name,7), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;'
+'use sys;select substring(event_name,7), ROUND(SUM(total_latency),1) AS total_latency from sys.x\\$host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top Stages order by avg latency
@@ -3638,14 +3799,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;'
+'use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.x\\$host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top host per table scans
@@ -3653,14 +3814,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select host, table_scans from sys.host_summary order by table_scans desc LIMIT 5'
+'select host, table_scans from sys.x\\$host_summary order by table_scans desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# InnoDB Buffer Pool by schema
@@ -3668,14 +3829,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select object_schema, allocated, data, pages from sys.innodb_buffer_stats_by_schema ORDER BY pages DESC'
+'select object_schema, allocated, data, pages from sys.x\\$innodb_buffer_stats_by_schema ORDER BY pages DESC'
)
)
{
infoprint " +-- $nbL: $lQuery page(s)";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# InnoDB Buffer Pool by table
@@ -3683,29 +3844,29 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"select CONCAT(object_schema,CONCAT('.', object_name)), allocated,data, pages from sys.innodb_buffer_stats_by_table ORDER BY pages DESC"
+'select object_schema, object_name, allocated,data, pages from sys.x\\$innodb_buffer_stats_by_table ORDER BY pages DESC'
)
)
{
infoprint " +-- $nbL: $lQuery page(s)";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Process per allocated memory
- subheaderprint "Performance schema: Process per allocated memory";
+ subheaderprint "Performance schema: Process per time";
$nbL = 1;
for my $lQuery (
select_array(
-"select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;"
+'select user, Command AS PROC, time from sys.x\\$processlist ORDER BY time DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# InnoDB Lock Waits
@@ -3713,14 +3874,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"use sys;select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;"
+'select wait_age_secs, locked_table, locked_type, waiting_query from sys.x\\$innodb_lock_waits order by wait_age_secs DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Threads IO Latency
@@ -3728,14 +3889,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"use sys;select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;"
+'select user, total_latency, max_latency from sys.x\\$io_by_thread_by_latency order by total_latency DESC;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# High Cost SQL statements
@@ -3743,14 +3904,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5'
+'select query, avg_latency from sys.x\\$statement_analysis order by avg_latency desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top 5% slower queries
@@ -3758,14 +3919,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5'
+'select query, exec_count from sys.x\\$statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5'
)
)
{
infoprint " +-- $nbL: $lQuery s";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top 10 nb statement type
@@ -3773,14 +3934,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select statement, sum(total) as total from host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+'use sys;select statement, sum(total) as total from sys.x\\$host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top statement by total latency
@@ -3788,14 +3949,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select statement, sum(total_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+'use sys;select statement, sum(total_latency) as total from sys.x\\$host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top statement by lock latency
@@ -3803,14 +3964,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select statement, sum(lock_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+'use sys;select statement, sum(lock_latency) as total from sys.x\\$host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top statement by full scans
@@ -3818,14 +3979,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select statement, sum(full_scans) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+'use sys;select statement, sum(full_scans) as total from sys.x\\$host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top statement by rows sent
@@ -3833,14 +3994,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select statement, sum(rows_sent) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+'use sys;select statement, sum(rows_sent) as total from sys.x\\$host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Top statement by rows modified
@@ -3848,14 +4009,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+'use sys;select statement, sum(rows_affected) as total from sys.x\\$host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Use temporary tables
@@ -3863,14 +4024,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
- 'use sys;select query from sys.statements_with_temp_tables LIMIT 20'
+'use sys;select query from sys.x\\$statements_with_temp_tables LIMIT 20'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Unused Indexes
@@ -3880,7 +4041,7 @@ sub mysqsl_pfs {
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Full table scans
@@ -3888,14 +4049,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC'
+'select * from sys.x\\$schema_tables_with_full_table_scans order by rows_full_scanned DESC'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Latest file IO by latency
@@ -3903,14 +4064,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;'
+'use sys;select thread, file, latency, operation from sys.x\\$latest_file_io ORDER BY latency LIMIT 10;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# FILE by IO read bytes
@@ -3918,14 +4079,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"use sys;(select file, total_read from io_global_by_file_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select file, total_read from io_global_by_file_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);"
+'select file, total_read from sys.x\\$io_global_by_file_by_bytes order by total_read DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# FILE by IO written bytes
@@ -3933,14 +4094,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"use sys;(select file, total_written from io_global_by_file_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select file, total_written from io_global_by_file_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);"
+'select file, total_written from sys.x\\$io_global_by_file_by_bytes order by total_written DESC LIMIT 15'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# file per IO total latency
@@ -3948,14 +4109,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select file, total_latency from io_global_by_file_by_latency ORDER BY total_latency DESC LIMIT 20;'
+'select file, total_latency from sys.x\\$io_global_by_file_by_latency ORDER BY total_latency DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# file per IO read latency
@@ -3963,14 +4124,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select file, read_latency from io_global_by_file_by_latency ORDER BY read_latency DESC LIMIT 20;'
+'use sys;select file, read_latency from sys.x\\$io_global_by_file_by_latency ORDER BY read_latency DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# file per IO write latency
@@ -3978,14 +4139,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select file, write_latency from io_global_by_file_by_latency ORDER BY write_latency DESC LIMIT 20;'
+'use sys;select file, write_latency from sys.x\\$io_global_by_file_by_latency ORDER BY write_latency DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Event Wait by read bytes
@@ -3993,14 +4154,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"use sys;(select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);"
+'select event_name, total_read from sys.x\\$io_global_by_wait_by_bytes order by total_read DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Event Wait by write bytes
@@ -4008,14 +4169,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-"use sys;(select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);"
+'select event_name, total_written from sys.x\\$io_global_by_wait_by_bytes order by total_written DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# event per wait total latency
@@ -4023,14 +4184,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select event_name, total_latency from io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;'
+'use sys;select event_name, total_latency from sys.x\\$io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# event per wait read latency
@@ -4038,14 +4199,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select event_name, read_latency from io_global_by_wait_by_latency ORDER BY read_latency DESC LIMIT 20;'
+'use sys;select event_name, read_latency from sys.x\\$io_global_by_wait_by_latency ORDER BY read_latency DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# event per wait write latency
@@ -4053,14 +4214,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select event_name, write_latency from io_global_by_wait_by_latency ORDER BY write_latency DESC LIMIT 20;'
+'use sys;select event_name, write_latency from sys.x\\$io_global_by_wait_by_latency ORDER BY write_latency DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
#schema_index_statistics
@@ -4069,14 +4230,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name,index_name, rows_selected from schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;'
+'use sys;select table_schema, table_name,index_name, rows_selected from sys.x\\$schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 most used index
@@ -4084,14 +4245,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;'
+'use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from sys.x\\$schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high read latency index
@@ -4099,14 +4260,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name,index_name, select_latency from sys.x\\$schema_index_statistics ORDER BY select_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high insert latency index
@@ -4114,14 +4275,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name,index_name, insert_latency from sys.x\\$schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high update latency index
@@ -4129,14 +4290,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name,index_name, update_latency from sys.x\\$schema_index_statistics ORDER BY update_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high delete latency index
@@ -4144,14 +4305,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name,index_name, delete_latency from sys.x\\$schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 most read tables
@@ -4159,14 +4320,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name, rows_fetched from schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;'
+'use sys;select table_schema, table_name, rows_fetched from sys.x\\$schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 most used tables
@@ -4174,14 +4335,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;'
+'use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from sys.x\\$schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high read latency tables
@@ -4189,14 +4350,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name, fetch_latency from sys.x\\$schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high insert latency tables
@@ -4204,14 +4365,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name, insert_latency from sys.x\\$schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high update latency tables
@@ -4219,14 +4380,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name, update_latency from sys.x\\$schema_table_statistics ORDER BY update_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# TOP 15 high delete latency tables
@@ -4234,14 +4395,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;'
+'use sys;select table_schema, table_name, delete_latency from sys.x\\$schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
# Redundant indexes
@@ -4253,90 +4414,90 @@ sub mysqsl_pfs {
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Tables not using InnoDB buffer";
$nbL = 1;
for my $lQuery (
select_array(
-' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
+' Select table_schema, table_name from sys.x\\$schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Table not using InnoDB buffer";
$nbL = 1;
for my $lQuery (
select_array(
-' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
+' Select table_schema, table_name from sys.x\\$schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Table not using InnoDB buffer";
$nbL = 1;
for my $lQuery (
select_array(
-' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
+' Select table_schema, table_name from sys.x\\$schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Top 15 Tables using InnoDB buffer";
$nbL = 1;
for my $lQuery (
select_array(
-'select table_schema,table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;'
+'select table_schema,table_name,innodb_buffer_allocated from sys.x\\$schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Top 15 Tables with InnoDB buffer free";
$nbL = 1;
for my $lQuery (
select_array(
-'select table_schema,table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;'
+'select table_schema,table_name,innodb_buffer_free from sys.x\\$schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Top 15 Most executed queries";
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, exec_count from sys.statement_analysis order by exec_count DESC LIMIT 15;'
+'select db, query, exec_count from sys.x\\$statement_analysis order by exec_count DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4344,56 +4505,56 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select query, last_seen from sys.statements_with_errors_or_warnings ORDER BY last_seen LIMIT 100;'
+'select query, last_seen from sys.x\\$statements_with_errors_or_warnings ORDER BY last_seen LIMIT 100;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Top 20 queries with full table scans";
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, exec_count from sys.statements_with_full_table_scans order BY exec_count DESC LIMIT 20;'
+'select db, query, exec_count from sys.x\\$statements_with_full_table_scans order BY exec_count DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Last 50 queries with full table scans";
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, last_seen from sys.statements_with_full_table_scans order BY last_seen DESC LIMIT 50;'
+'select db, query, last_seen from sys.x\\$statements_with_full_table_scans order BY last_seen DESC LIMIT 50;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 reader queries (95% percentile)";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query , rows_sent from statements_with_runtimes_in_95th_percentile ORDER BY ROWs_sent DESC LIMIT 15;'
+'use sys;select db, query , rows_sent from sys.x\\$statements_with_runtimes_in_95th_percentile ORDER BY ROWs_sent DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4401,14 +4562,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;'
+'use sys;select db, query, rows_examined AS search from sys.x\\$statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4416,14 +4577,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, total_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;'
+'use sys;select db, query, total_latency AS search from sys.x\\$statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4431,14 +4592,14 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;'
+'use sys;select db, query, max_latency AS search from sys.x\\$statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4446,84 +4607,84 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;'
+'use sys;select db, query, avg_latency AS search from sys.x\\$statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Top 20 queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, exec_count from sys.statements_with_sorting order BY exec_count DESC LIMIT 20;'
+'select db, query, exec_count from sys.x\\$statements_with_sorting order BY exec_count DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Last 50 queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, last_seen from sys.statements_with_sorting order BY last_seen DESC LIMIT 50;'
+'select db, query, last_seen from sys.x\\$statements_with_sorting order BY last_seen DESC LIMIT 50;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 row sorting queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query , rows_sorted from statements_with_sorting ORDER BY ROWs_sorted DESC LIMIT 15;'
+'use sys;select db, query , rows_sorted from sys.x\\$statements_with_sorting ORDER BY ROWs_sorted DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 total latency queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;'
+'use sys;select db, query, total_latency AS search from sys.x\\$statements_with_sorting ORDER BY total_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 merge queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;'
+'use sys;select db, query, sort_merge_passes AS search from sys.x\\$statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4531,42 +4692,42 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;'
+'select db, query, avg_sort_merges AS search from sys.x\\$statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 scans queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;'
+'use sys;select db, query, sorts_using_scans AS search from sys.x\\$statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 range queries with sort";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;'
+'use sys;select db, query, sort_using_range AS search from sys.x\\$statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
##################################################################################
@@ -4595,28 +4756,28 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, exec_count from sys.statements_with_temp_tables order BY exec_count DESC LIMIT 20;'
+'select db, query, exec_count from sys.x\\$statements_with_temp_tables order BY exec_count DESC LIMIT 20;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: Last 50 queries with temp table";
$nbL = 1;
for my $lQuery (
select_array(
-'select db, query, last_seen from sys.statements_with_temp_tables order BY last_seen DESC LIMIT 50;'
+'select db, query, last_seen from sys.x\\$statements_with_temp_tables order BY last_seen DESC LIMIT 50;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint
@@ -4624,28 +4785,28 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, total_latency AS search from statements_with_temp_tables ORDER BY total_latency DESC LIMIT 15;'
+'select db, query, total_latency AS search from sys.x\\$statements_with_temp_tables ORDER BY total_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 queries with temp table to disk";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select db, query, disk_tmp_tables from statements_with_temp_tables ORDER BY disk_tmp_tables DESC LIMIT 15;'
+'use sys;select db, query, disk_tmp_tables from sys.x\\$statements_with_temp_tables ORDER BY disk_tmp_tables DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
##################################################################################
@@ -4665,84 +4826,84 @@ sub mysqsl_pfs {
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;'
+'use sys;select event_class, total from sys.x\\$wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 30 events by number";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select events, total from waits_global_by_latency ORDER BY total DESC LIMIT 30;'
+'use sys;select events, total from sys.x\\$waits_global_by_latency ORDER BY total DESC LIMIT 30;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 class events by total latency";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;'
+'use sys;select event_class, total_latency from sys.x\\$wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 30 events by total latency";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select events, total_latency from waits_global_by_latency ORDER BY total_latency DESC LIMIT 30;'
+'use sys;select events, total_latency from sys.x\\$waits_global_by_latency ORDER BY total_latency DESC LIMIT 30;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 15 class events by max latency";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;'
+'select event_class, max_latency from sys.x\\$wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
subheaderprint "Performance schema: TOP 30 events by max latency";
$nbL = 1;
for my $lQuery (
select_array(
-'use sys;select events, max_latency from waits_global_by_latency ORDER BY max_latency DESC LIMIT 30;'
+'select events, max_latency from sys.x\\$waits_global_by_latency ORDER BY max_latency DESC LIMIT 30;'
)
)
{
infoprint " +-- $nbL: $lQuery";
$nbL++;
}
- infoprint "No information found or indicators desactivated."
+ infoprint "No information found or indicators deactivated."
if ( $nbL == 1 );
}
@@ -4844,8 +5005,9 @@ sub mariadb_xtradb {
return;
}
infoprint "XtraDB is enabled.";
+ infoprint "Note that MariaDB 10.2 makes use of InnoDB, not XtraDB."
- # All is to done here
+ # All is to done here
}
# Recommendations for RocksDB
@@ -4899,6 +5061,7 @@ sub mariadb_connect {
# Perl trim function to remove whitespace from the start and end of the string
sub trim {
my $string = shift;
+ return "" unless defined($string);
$string =~ s/^\s+//;
$string =~ s/\s+$//;
return $string;
@@ -4908,6 +5071,8 @@ sub get_wsrep_options {
return () unless defined $myvar{'wsrep_provider_options'};
my @galera_options = split /;/, $myvar{'wsrep_provider_options'};
+ my $wsrep_slave_threads = $myvar{'wsrep_slave_threads'};
+ push @galera_options, ' wsrep_slave_threads = ' . $wsrep_slave_threads;
@galera_options = remove_cr @galera_options;
@galera_options = remove_empty @galera_options;
debugprint Dumper( \@galera_options );
@@ -4915,7 +5080,7 @@ sub get_wsrep_options {
}
sub get_gcache_memory {
- my $gCacheMem = get_wsrep_option('gcache.size');
+ my $gCacheMem = hr_raw( get_wsrep_option('gcache.size') );
return 0 unless defined $gCacheMem and $gCacheMem ne '';
return $gCacheMem;
@@ -4928,6 +5093,7 @@ sub get_wsrep_option {
return '' unless scalar(@galera_options) > 0;
my @memValues = grep /\s*$key =/, @galera_options;
my $memValue = $memValues[0];
+ return 0 unless defined $memValue;
$memValue =~ s/.*=\s*(.+)$/$1/g;
return $memValue;
}
@@ -4976,6 +5142,74 @@ group by c.table_schema,c.table_name
having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
);
+ if ( get_wsrep_option('wsrep_slave_threads') > (cpu_cores) * 4
+ or get_wsrep_option('wsrep_slave_threads') < (cpu_cores) * 3 )
+ {
+ badprint
+"wsrep_slave_threads is not equal to 2, 3 or 4 times number of CPU(s)";
+ push @adjvars, "wsrep_slave_threads= Nb of Core CPU * 4";
+ }
+ else {
+ goodprint
+ "wsrep_slave_threads is equal to 2, 3 or 4 times number of CPU(s)";
+ }
+
+ if ( get_wsrep_option('gcs.fc_limit') !=
+ get_wsrep_option('wsrep_slave_threads') * 5 )
+ {
+ badprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
+ push @adjvars, "gcs.fc_limit= wsrep_slave_threads * 5";
+ }
+ else {
+ goodprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
+ }
+
+ if ( get_wsrep_option('wsrep_slave_threads') > 1 ) {
+ infoprint
+ "wsrep parallel slave can cause frequent inconsistency crash.";
+ push @adjvars,
+"Set wsrep_slave_threads to 1 in case of HA_ERR_FOUND_DUPP_KEY crash on slave";
+
+ # check options for parallel slave
+ if ( get_wsrep_option('wsrep_slave_FK_checks') eq "OFF" ) {
+ badprint "wsrep_slave_FK_checks is off with parallel slave";
+ push @adjvars,
+ "wsrep_slave_FK_checks should be ON when using parallel slave";
+ }
+
+ # wsrep_slave_UK_checks seems useless in MySQL source code
+ if ( $myvar{'innodb_autoinc_lock_mode'} != 2 ) {
+ badprint
+ "innodb_autoinc_lock_mode is incorrect with parallel slave";
+ push @adjvars,
+ "innodb_autoinc_lock_mode should be 2 when using parallel slave";
+ }
+ }
+
+ if ( get_wsrep_option('gcs.fc_limit') != $myvar{'wsrep_slave_threads'} * 5 )
+ {
+ badprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
+ push @adjvars, "gcs.fc_limit= wsrep_slave_threads * 5";
+ }
+ else {
+ goodprint "gcs.fc_limit is equal to 5 * wsrep_slave_threads";
+ }
+
+ if ( get_wsrep_option('gcs.fc_factor') != 0.8 ) {
+ badprint "gcs.fc_factor should be equal to 0.8";
+ push @adjvars, "gcs.fc_factor=0.8";
+ }
+ else {
+ goodprint "gcs.fc_factor is equal to 0.8";
+ }
+ if ( get_wsrep_option('wsrep_flow_control_paused') > 0.02 ) {
+ badprint "Fraction of time node pause flow control > 0.02";
+ }
+ else {
+ goodprint
+"Flow control fraction seems to be OK (wsrep_flow_control_paused<=0.02)";
+ }
+
if ( scalar(@primaryKeysNbTables) > 0 ) {
badprint "Following table(s) don't have primary key:";
foreach my $badtable (@primaryKeysNbTables) {
@@ -5036,6 +5270,7 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
else {
badprint
"There are $nbNodesSize nodes in wsrep_cluster_size. Prefer 3 or 5 nodes architecture.";
+ push @generalrec, "Prefer 3 or 5 nodes architecture.";
}
# wsrep_cluster_address doesn't include garbd nodes
@@ -5081,7 +5316,9 @@ having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
badprint "Galera Notify command is not defined.";
push( @adjvars, "set up parameter wsrep_notify_cmd to be notify" );
}
- if ( trim( $myvar{'wsrep_sst_method'} ) !~ "^xtrabackup.*" ) {
+ if ( trim( $myvar{'wsrep_sst_method'} ) !~ "^xtrabackup.*"
+ and trim( $myvar{'wsrep_sst_method'} ) !~ "^mariabackup" )
+ {
badprint "Galera SST method is not xtrabackup based.";
push( @adjvars,
"set up parameter wsrep_sst_method to xtrabackup based parameter"
@@ -5210,9 +5447,7 @@ sub mysql_innodb {
}
if ( defined $myvar{'innodb_log_file_size'} ) {
infoprint " +-- InnoDB Log File Size: "
- . hr_bytes( $myvar{'innodb_log_file_size'} ) . "("
- . $mycalc{'innodb_log_size_pct'}
- . " % of buffer pool)";
+ . hr_bytes( $myvar{'innodb_log_file_size'} );
}
if ( defined $myvar{'innodb_log_files_in_group'} ) {
infoprint " +-- InnoDB Log File In Group: "
@@ -5220,7 +5455,11 @@ sub mysql_innodb {
}
if ( defined $myvar{'innodb_log_files_in_group'} ) {
infoprint " +-- InnoDB Total Log File Size: "
- . hr_bytes( $myvar{'innodb_log_files_in_group'}*$myvar{'innodb_log_file_size'});
+ . hr_bytes( $myvar{'innodb_log_files_in_group'} *
+ $myvar{'innodb_log_file_size'} )
+ . "("
+ . $mycalc{'innodb_log_size_pct'}
+ . " % of buffer pool)";
}
if ( defined $myvar{'innodb_log_buffer_size'} ) {
infoprint " +-- InnoDB Log Buffer: "
@@ -5240,7 +5479,7 @@ sub mysql_innodb {
. $myvar{'innodb_thread_concurrency'};
}
- # InnoDB Buffer Pull Size
+ # InnoDB Buffer Pool Size
if ( $myvar{'innodb_file_per_table'} eq "ON" ) {
goodprint "InnoDB File per table is activated";
}
@@ -5249,7 +5488,7 @@ sub mysql_innodb {
push( @adjvars, "innodb_file_per_table=ON" );
}
- # InnoDB Buffer Pull Size
+ # InnoDB Buffer Pool Size
if ( $myvar{'innodb_buffer_pool_size'} > $enginestats{'InnoDB'} ) {
goodprint "InnoDB buffer pool / data size: "
. hr_bytes( $myvar{'innodb_buffer_pool_size'} ) . "/"
@@ -5269,22 +5508,32 @@ sub mysql_innodb {
{
badprint "Ratio InnoDB log file size / InnoDB Buffer pool size ("
. $mycalc{'innodb_log_size_pct'} . " %): "
- . hr_bytes( $myvar{'innodb_log_file_size'} )." * ".$myvar{'innodb_log_files_in_group'}. "/"
+ . hr_bytes( $myvar{'innodb_log_file_size'} ) . " * "
+ . $myvar{'innodb_log_files_in_group'} . "/"
. hr_bytes( $myvar{'innodb_buffer_pool_size'} )
. " should be equal 25%";
- push( @adjvars,
-"innodb_log_file_size should be equals to 1/4 of buffer pool size (="
- . hr_bytes_rnd( $myvar{'innodb_buffer_pool_size'} / 4 )
- . ") if possible." );
+ push(
+ @adjvars,
+ "innodb_log_file_size should be (="
+ . hr_bytes_rnd(
+ $myvar{'innodb_buffer_pool_size'} /
+ $myvar{'innodb_log_files_in_group'} / 4
+ )
+ . ") if possible, so InnoDB total log files size equals to 25% of buffer pool size."
+ );
+ push( @generalrec,
+"Read this before changing innodb_log_file_size and/or innodb_log_files_in_group: http://bit.ly/2wgkDvS"
+ );
}
else {
- goodprint "InnoDB log file size / InnoDB Buffer pool size: "
- . hr_bytes( $myvar{'innodb_log_file_size'} ) ." * ".$myvar{'innodb_log_files_in_group'}. "/"
+ goodprint "Ratio InnoDB log file size / InnoDB Buffer pool size: "
+ . hr_bytes( $myvar{'innodb_log_file_size'} ) . " * "
+ . $myvar{'innodb_log_files_in_group'} . "/"
. hr_bytes( $myvar{'innodb_buffer_pool_size'} )
. " should be equal 25%";
}
- # InnoDB Buffer Pull Instances (MySQL 5.6.6+)
+ # InnoDB Buffer Pool Instances (MySQL 5.6.6+)
if ( defined( $myvar{'innodb_buffer_pool_instances'} ) ) {
# Bad Value if > 64
@@ -5294,12 +5543,12 @@ sub mysql_innodb {
push( @adjvars, "innodb_buffer_pool_instances (<= 64)" );
}
- # InnoDB Buffer Pull Size > 1Go
+ # InnoDB Buffer Pool Size > 1Go
if ( $myvar{'innodb_buffer_pool_size'} > 1024 * 1024 * 1024 ) {
-# InnoDB Buffer Pull Size / 1Go = InnoDB Buffer Pull Instances limited to 64 max.
+# InnoDB Buffer Pool Size / 1Go = InnoDB Buffer Pool Instances limited to 64 max.
- # InnoDB Buffer Pull Size > 64Go
+ # InnoDB Buffer Pool Size > 64Go
my $max_innodb_buffer_pool_instances =
int( $myvar{'innodb_buffer_pool_size'} / ( 1024 * 1024 * 1024 ) );
$max_innodb_buffer_pool_instances = 64
@@ -5320,7 +5569,7 @@ sub mysql_innodb {
. $myvar{'innodb_buffer_pool_instances'} . "";
}
- # InnoDB Buffer Pull Size < 1Go
+ # InnoDB Buffer Pool Size < 1Go
}
else {
if ( $myvar{'innodb_buffer_pool_instances'} != 1 ) {
@@ -5368,7 +5617,7 @@ sub mysql_innodb {
}
}
- # InnoDB Read efficency
+ # InnoDB Read efficiency
if ( defined $mycalc{'pct_read_efficiency'}
&& $mycalc{'pct_read_efficiency'} < 90 )
{
@@ -5453,13 +5702,15 @@ sub mysql_databases {
return;
}
- my @dblist = select_array("SHOW DATABASES;");
+ my @dblist = select_array(
+"SELECT DISTINCT TABLE_SCHEMA FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
+ );
infoprint "There is " . scalar(@dblist) . " Database(s).";
my @totaldbinfo = split /\s/,
select_one(
-"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql' );"
+"SELECT SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
);
- infoprint "All Databases:";
+ infoprint "All User Databases:";
infoprint " +-- TABLE : "
. ( $totaldbinfo[4] eq 'NULL' ? 0 : $totaldbinfo[4] ) . "";
infoprint " +-- ROWS : "
@@ -5497,15 +5748,6 @@ sub mysql_databases {
print "\n" unless ( $opt{'silent'} or $opt{'json'} );
foreach (@dblist) {
- chomp($_);
- if ( $_ eq "information_schema"
- or $_ eq "performance_schema"
- or $_ eq "mysql"
- or $_ eq "" )
- {
- next;
- }
-
my @dbinfo = split /\s/,
select_one(
"SELECT TABLE_SCHEMA, SUM(TABLE_ROWS), SUM(DATA_LENGTH), SUM(INDEX_LENGTH) , SUM(DATA_LENGTH+INDEX_LENGTH), COUNT(DISTINCT ENGINE),COUNT(TABLE_NAME),COUNT(DISTINCT(TABLE_COLLATION)),COUNT(DISTINCT(ENGINE)) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_' GROUP BY TABLE_SCHEMA ORDER BY TABLE_SCHEMA"
@@ -5542,7 +5784,9 @@ sub mysql_databases {
)
) . ")";
badprint "Index size is larger than data size for $dbinfo[0] \n"
- if ( $dbinfo[2] ne 'NULL' ) and ( $dbinfo[3] ne 'NULL' ) and ( $dbinfo[2] < $dbinfo[3] );
+ if ( $dbinfo[2] ne 'NULL' )
+ and ( $dbinfo[3] ne 'NULL' )
+ and ( $dbinfo[2] < $dbinfo[3] );
badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n"
if $dbinfo[5] > 1;
$result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1];
@@ -5623,6 +5867,68 @@ sub mysql_databases {
}
+# Recommendations for database columns
+sub mysql_tables {
+ return if ( $opt{dbstat} == 0 );
+
+ subheaderprint "Table Column Metrics";
+ unless ( mysql_version_ge( 5, 5 ) ) {
+ infoprint
+"Skip Database metrics from information schema missing in this version";
+ return;
+ }
+ my @dblist = select_array(
+"SELECT DISTINCT TABLE_SCHEMA FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ( 'mysql', 'performance_schema', 'information_schema', 'sys' );"
+ );
+ foreach (@dblist) {
+ my $dbname = $_;
+ next unless defined $_;
+ infoprint "Database: " . $_ . "";
+ my @dbtable = select_array(
+"SELECT TABLE_NAME FROM information_schema.TABLES WHERE TABLE_SCHEMA='$dbname' AND TABLE_TYPE='BASE TABLE' ORDER BY TABLE_NAME"
+ );
+ foreach (@dbtable) {
+ my $tbname = $_;
+ infoprint " +-- TABLE: $tbname";
+ my @tbcol = select_array(
+"SELECT COLUMN_NAME FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='$dbname' AND TABLE_NAME='$tbname'"
+ );
+ foreach (@tbcol) {
+ my $ctype = select_one(
+"SELECT COLUMN_TYPE FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='$dbname' AND TABLE_NAME='$tbname' AND COLUMN_NAME='$_' "
+ );
+ my $isnull = select_one(
+"SELECT IS_NULLABLE FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='$dbname' AND TABLE_NAME='$tbname' AND COLUMN_NAME='$_' "
+ );
+ infoprint " +-- Column $tbname.$_:";
+ my $current_type =
+ uc($ctype) . ( $isnull eq 'NO' ? " NOT NULL" : "" );
+ my $optimal_type = select_str_g( "Optimal_fieldtype",
+ "SELECT $_ FROM $dbname.$tbname PROCEDURE ANALYSE(100000)"
+ );
+ if ( not defined($optimal_type) or $optimal_type eq '' ) {
+ infoprint " Current Fieldtype: $current_type";
+ infoprint " Optimal Fieldtype: Not available";
+ }
+ elsif ( $current_type ne $optimal_type ) {
+ infoprint " Current Fieldtype: $current_type";
+ infoprint " Optimal Fieldtype: $optimal_type";
+ badprint
+"Consider changing type for column $_ in table $dbname.$tbname";
+ push( @generalrec,
+ "ALTER TABLE $dbname.$tbname MODIFY $_ $optimal_type;"
+ );
+
+ }
+ else {
+ goodprint "$dbname.$tbname ($_) type: $current_type";
+ }
+ }
+ }
+
+ }
+}
+
# Recommendations for Indexes metrics
sub mysql_indexes {
return if ( $opt{idxstat} == 0 );
@@ -5681,7 +5987,7 @@ ENDSQL
my @info = split /\s/;
infoprint "Index: " . $info[1] . "";
- infoprint " +-- COLUNM : " . $info[0] . "";
+ infoprint " +-- COLUMN : " . $info[0] . "";
infoprint " +-- NB SEQS : " . $info[2] . " sequence(s)";
infoprint " +-- NB COLS : " . $info[3] . " column(s)";
infoprint " +-- CARDINALITY : " . $info[4] . " distinct values";
@@ -5689,13 +5995,13 @@ ENDSQL
infoprint " +-- TYPE : " . $info[6];
infoprint " +-- SELECTIVITY : " . $info[7] . "%";
- $result{'Indexes'}{ $info[1] }{'Colunm'} = $info[0];
- $result{'Indexes'}{ $info[1] }{'Sequence number'} = $info[2];
- $result{'Indexes'}{ $info[1] }{'Number of collunm'} = $info[3];
- $result{'Indexes'}{ $info[1] }{'Cardianality'} = $info[4];
- $result{'Indexes'}{ $info[1] }{'Row number'} = $info[5];
- $result{'Indexes'}{ $info[1] }{'Index Type'} = $info[6];
- $result{'Indexes'}{ $info[1] }{'Selectivity'} = $info[7];
+ $result{'Indexes'}{ $info[1] }{'Column'} = $info[0];
+ $result{'Indexes'}{ $info[1] }{'Sequence number'} = $info[2];
+ $result{'Indexes'}{ $info[1] }{'Number of column'} = $info[3];
+ $result{'Indexes'}{ $info[1] }{'Cardinality'} = $info[4];
+ $result{'Indexes'}{ $info[1] }{'Row number'} = $info[5];
+ $result{'Indexes'}{ $info[1] }{'Index Type'} = $info[6];
+ $result{'Indexes'}{ $info[1] }{'Selectivity'} = $info[7];
if ( $info[7] < 25 ) {
badprint "$info[1] has a low selectivity";
}
@@ -5791,6 +6097,7 @@ if ( $opt{'template'} ne 0 ) {
$templateModel = file2string( $opt{'template'} );
}
else {
+
# DEFAULT REPORT TEMPLATE
$templateModel = <<'END_TEMPLATE';
@@ -5871,9 +6178,14 @@ sub which {
# ---------------------------------------------------------------------------
# BEGIN 'MAIN'
# ---------------------------------------------------------------------------
-headerprint; # Header Print
+headerprint; # Header Print
+
validate_tuner_version; # Check last version
mysql_setup; # Gotta login first
+debugprint "MySQL FINAL Client : $mysqlcmd $mysqllogin";
+debugprint "MySQL Admin FINAL Client : $mysqladmincmd $mysqllogin";
+
+#exit(0);
os_setup; # Set up some OS variables
get_all_vars; # Toss variables/status into hashes
get_tuning_info; # Get information about the tuning connexion
@@ -5881,9 +6193,11 @@ validate_mysql_version; # Check current MySQL version
check_architecture; # Suggest 64-bit upgrade
system_recommendations; # avoid to many service on the same host
-log_file_recommandations; # check log file content
+log_file_recommendations; # check log file content
check_storage_engines; # Show enabled storage engines
mysql_databases; # Show informations about databases
+mysql_tables; # Show informations about table column
+
mysql_indexes; # Show informations about indexes
security_recommendations; # Display some security recommendations
cve_recommendations; # Display related CVE
@@ -5911,13 +6225,14 @@ close_outputfile; # Close reportfile if needed
1;
__END__
+
=pod
=encoding UTF-8
=head1 NAME
- MySQLTuner 1.7.0 - MySQL High Performance Tuning Script
+ MySQLTuner 1.7.9 - MySQL High Performance Tuning Script
=head1 IMPORTANT USAGE GUIDELINES
@@ -5926,18 +6241,20 @@ Allow MySQL server to run for at least 24-48 hours before trusting suggestions
Some routines may require root level privileges (script will provide warnings)
You must provide the remote server's total memory when connecting to other servers
-=head1 CONNECTION AND AUTHENTIFICATION
+=head1 CONNECTION AND AUTHENTICATION
+
+ --host Connect to a remote host to perform tests (default: localhost)
+ --socket Use a different socket for a local connection
+ --port Port to use for connection (default: 3306)
+ --user Username to use for authentication
+ --userenv Name of env variable which contains username to use for authentication
+ --pass Password to use for authentication
+ --passenv Name of env variable which contains password to use for authentication
+ --ssl-ca Path to public key
+ --mysqladmin Path to a custom mysqladmin executable
+ --mysqlcmd Path to a custom mysql executable
+ --defaults-file Path to a custom .my.cnf
- --host Connect to a remote host to perform tests (default: localhost)
- --socket Use a different socket for a local connection
- --port Port to use for connection (default: 3306)
- --user Username to use for authentication
- --userenv Name of env variable which contains username to use for authentication
- --pass Password to use for authentication
- --passenv Name of env variable which contains password to use for authentication
- --mysqladmin Path to a custom mysqladmin executable
- --mysqlcmd Path to a custom mysql executable
- --defaults-file Path to a custom .my.cnf
=head1 PERFORMANCE AND REPORTING OPTIONS
--skipsize Don't enumerate tables and their types/sizes (default: on)
@@ -5962,7 +6279,7 @@ You must provide the remote server's total memory when connecting to other serve
--pfstat Print Performance schema
--bannedports Ports banned separated by comma(,)
--maxportallowed Number of ports opened allowed on this hosts
- --cvefile CVE File for vulnerability checks
+ --cvefile CVE File for vulnerability checks
--nocolor Don't print output in color
--json Print result as JSON string
--buffers Print global and per-thread buffer values
@@ -5970,6 +6287,7 @@ You must provide the remote server's total memory when connecting to other serve
--reportfile Path to a report txt file
--template Path to a template file
--verbose Prints out all options (default: no verbose)
+
=head1 PERLDOC
You can find documentation for this module with the perldoc command.
@@ -6145,7 +6463,7 @@ L
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2006-2015 Major Hayden - major@mhtx.net
+Copyright (C) 2006-2017 Major Hayden - major@mhtx.net
For the latest updates, please visit http://mysqltuner.com/
@@ -6172,4 +6490,3 @@ along with this program. If not, see .
# cperl-indent-level: 8
# perl-indent-level: 8
# End:
-
diff --git a/vulnerabilities.csv b/vulnerabilities.csv
index f604d2a..6efefed 100755
--- a/vulnerabilities.csv
+++ b/vulnerabilities.csv
@@ -1,140 +1,140 @@
-4.0.20;4;0;20;CVE-2004-0457;Candidate;"The mysqlhotcopy script in mysql 4.0.20 and earlier; when using the scp method from the mysql-server package; allows local users to overwrite arbitrary files via a symlink attack on temporary files.";"DEBIAN:DSA-540 | URL:http://www.debian.org/security/2004/dsa-540 | CONFIRM:http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | OVAL:oval:org.mitre.oval:def:10693 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10693 | XF:mysql-mysqlhotcopy-insecure-file(17030) | URL:http://xforce.iss.net/xforce/xfdb/17030";Assigned (20040506);"None (candidate not yet proposed)";
-4.0.21;4;0;21;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)";
-3.23.49;3;23;49;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)";
+4.0.20;4;0;20;CVE-2004-0457;Candidate;"The mysqlhotcopy script in mysql 4.0.20 and earlier; when using the scp method from the mysql-server package; allows local users to overwrite arbitrary files via a symlink attack on temporary files.";"DEBIAN:DSA-540 | URL:http://www.debian.org/security/2004/dsa-540 | CONFIRM:http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | OVAL:oval:org.mitre.oval:def:10693 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10693 | XF:mysql-mysqlhotcopy-insecure-file(17030) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17030";Assigned (20040506);"None (candidate not yet proposed)";
+4.0.20;4;0;20;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17047";Assigned (20040908);"None (candidate not yet proposed)";
+3.23.48;3;23;48;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/17047";Assigned (20040908);"None (candidate not yet proposed)";
4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.info/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)";
-4.1.21;4;1;21;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | OVAL:oval:org.mitre.oval:def:9827 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9827 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930 | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226";Assigned (20060710);"None (candidate not yet proposed)";
-4.1.23;4;1;23;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.42;5;0;42;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.1.18;5;1;18;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.40;5;0;40;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.1.18;5;1;18;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-3780;Candidate;"MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=28984 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2007:0875 | URL:http://www.redhat.com/support/errata/RHSA-2007-0875.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:36732 | URL:http://osvdb.org/36732 | OVAL:oval:org.mitre.oval:def:11058 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11058 | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | SECTRACK:1018629 | URL:http://www.securitytracker.com/id?1018629 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26621 | URL:http://secunia.com/advisories/26621 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-3781;Candidate;"MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement; which allows remote authenticated users to obtain sensitive information such as the table structure.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=25578 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:37783 | URL:http://osvdb.org/37783 | OVAL:oval:org.mitre.oval:def:9195 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9195 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-3782;Candidate;"MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://bugs.mysql.com/bug.php?id=27878 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OVAL:oval:org.mitre.oval:def:10563 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10563 | SECTRACK:1018663 | URL:http://securitytracker.com/id?1018663 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.0.52;5;0;52;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
-5.0.66;5;0;66;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
-5.1.26;5;1;26;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
-6.0.6;6;0;6;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
-5.0.88;5;0;88;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
-5.1.41;5;1;41;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
-1.9.9;1;9;9;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.90;5;0;90;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.1.43;5;1;43;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.5.0;5;5;0;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-37.1.1;37;1;1;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.93;5;0;93;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
-5.1.48;5;1;48;CVE-2010-2008;Candidate;"MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot); .. (dot dot); ../ (dot dot slash) or similar sequence; and an UPGRADE DATA DIRECTORY NAME command; which causes MySQL to move certain directories to the server data directory.";"CONFIRM:http://bugs.mysql.com/bug.php?id=53804 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html | FEDORA:FEDORA-2010-11135 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html | MANDRIVA:MDVSA-2010:155 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:41198 | URL:http://www.securityfocus.com/bid/41198 | OVAL:oval:org.mitre.oval:def:11869 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11869 | SECTRACK:1024160 | URL:http://www.securitytracker.com/id?1024160 | SECUNIA:40333 | URL:http://secunia.com/advisories/40333 | SECUNIA:40762 | URL:http://secunia.com/advisories/40762 | VUPEN:ADV-2010-1918 | URL:http://www.vupen.com/english/advisories/2010/1918";Assigned (20100521);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:http://xforce.iss.net/xforce/xfdb/64843";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:http://xforce.iss.net/xforce/xfdb/64843";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3840;Candidate;"The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.";"MISC:http://lists.mysql.com/commits/117094 | CONFIRM:http://bugs.mysql.com/bug.php?id=51875 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640865 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0824 | URL:http://www.redhat.com/support/errata/RHSA-2010-0824.html | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-gislinestringinitfromwkb-dos(64838) | URL:http://xforce.iss.net/xforce/xfdb/64838";Assigned (20101007);"None (candidate not yet proposed)";
-0.9.4;0;9;4;CVE-2011-0432;Candidate;"Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.";"CONFIRM:http://code.google.com/p/pywebdav/updates/list | CONFIRM:http://pywebdav.googlecode.com/files/PyWebDAV-0.9.4.1.tar.gz | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=677718 | DEBIAN:DSA-2177 | URL:http://www.debian.org/security/2011/dsa-2177 | FEDORA:FEDORA-2011-2427 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055444.html | FEDORA:FEDORA-2011-2460 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055412.html | FEDORA:FEDORA-2011-2470 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055413.html | BID:46655 | URL:http://www.securityfocus.com/bid/46655 | SECUNIA:43571 | URL:http://secunia.com/advisories/43571 | SECUNIA:43602 | URL:http://secunia.com/advisories/43602 | SECUNIA:43703 | URL:http://secunia.com/advisories/43703 | VUPEN:ADV-2011-0553 | URL:http://www.vupen.com/english/advisories/2011/0553 | VUPEN:ADV-2011-0554 | URL:http://www.vupen.com/english/advisories/2011/0554 | VUPEN:ADV-2011-0634 | URL:http://www.vupen.com/english/advisories/2011/0634";Assigned (20110112);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:http://xforce.iss.net/xforce/xfdb/77061";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:http://xforce.iss.net/xforce/xfdb/77061";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17266 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17266 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17266 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17266 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-0578;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16947 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16947 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.60;5;1;60;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53061 | URL:http://www.securityfocus.com/bid/53061 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.5.19;5;5;19;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53061 | URL:http://www.securityfocus.com/bid/53061 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:http://xforce.iss.net/xforce/xfdb/77065";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.22;5;5;22;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:http://xforce.iss.net/xforce/xfdb/77065";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.19;5;5;19;CVE-2012-1696;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53071 | URL:http://www.securityfocus.com/bid/53071 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1697;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53064 | URL:http://www.securityfocus.com/bid/53064 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:http://xforce.iss.net/xforce/xfdb/77064";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:http://xforce.iss.net/xforce/xfdb/77064";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1735;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54549 | URL:http://www.securityfocus.com/bid/54549 | OSVDB:83975 | URL:http://osvdb.org/83975 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-serveroptimizer-dos(77060) | URL:http://xforce.iss.net/xforce/xfdb/77060";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54524 | URL:http://www.securityfocus.com/bid/54524 | OSVDB:83978 | URL:http://osvdb.org/83978 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-server1-dos(77063) | URL:http://xforce.iss.net/xforce/xfdb/77063";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.23;5;5;23;CVE-2012-1757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54526 | URL:http://www.securityfocus.com/bid/54526 | OSVDB:83977 | URL:http://osvdb.org/83977 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-innodb1-dos(77062) | URL:http://xforce.iss.net/xforce/xfdb/77062";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-5.5.22;5;5;22;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-97.15.15;97;15;15;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3144;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-server-cve20123144-dos(79387) | URL:http://xforce.iss.net/xforce/xfdb/79387";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3147;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-cve20123147(79384) | URL:http://xforce.iss.net/xforce/xfdb/79384";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3149;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-info-disc(79390) | URL:http://xforce.iss.net/xforce/xfdb/79390";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-opt-dos(79388) | URL:http://xforce.iss.net/xforce/xfdb/79388";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-opt-dos(79388) | URL:http://xforce.iss.net/xforce/xfdb/79388";Assigned (20120606);"None (candidate not yet proposed)";
+4.1.20;4;1;20;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | OVAL:oval:org.mitre.oval:def:9827 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9827 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930 | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226";Assigned (20060710);"None (candidate not yet proposed)";
+4.1.22;4;1;22;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.41;5;0;41;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.1.17;5;1;17;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.39;5;0;39;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";
+5.1.17;5;1;17;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/34348";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-3780;Candidate;"MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=28984 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2007:0875 | URL:http://www.redhat.com/support/errata/RHSA-2007-0875.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:36732 | URL:http://osvdb.org/36732 | OVAL:oval:org.mitre.oval:def:11058 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11058 | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | SECTRACK:1018629 | URL:http://www.securitytracker.com/id?1018629 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26621 | URL:http://secunia.com/advisories/26621 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823";Assigned (20070715);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-3781;Candidate;"MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement; which allows remote authenticated users to obtain sensitive information such as the table structure.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=25578 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:37783 | URL:http://osvdb.org/37783 | OVAL:oval:org.mitre.oval:def:9195 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9195 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-3782;Candidate;"MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://bugs.mysql.com/bug.php?id=27878 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OVAL:oval:org.mitre.oval:def:10563 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10563 | SECTRACK:1018663 | URL:http://securitytracker.com/id?1018663 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
+5.0.51;5;0;51;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38989";Assigned (20071210);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38990";Assigned (20071210);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
+5.0.65;5;0;65;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";
+5.1.25;5;1;25;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";
+6.0.5;6;0;5;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45042";Assigned (20080909);"None (candidate not yet proposed)";
+5.0.87;5;0;87;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
+5.1.40;5;1;40;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
+1.9.8;1;9;8;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.0.89;5;0;89;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.1.42;5;1;42;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.5.-1;5;5;-1;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
+37.1.0;37;1;0;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.0.92;5;0;92;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
+5.1.49;5;1;49;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
+5.1.47;5;1;47;CVE-2010-2008;Candidate;"MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot); .. (dot dot); ../ (dot dot slash) or similar sequence; and an UPGRADE DATA DIRECTORY NAME command; which causes MySQL to move certain directories to the server data directory.";"CONFIRM:http://bugs.mysql.com/bug.php?id=53804 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html | FEDORA:FEDORA-2010-11135 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html | MANDRIVA:MDVSA-2010:155 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:41198 | URL:http://www.securityfocus.com/bid/41198 | OVAL:oval:org.mitre.oval:def:11869 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11869 | SECTRACK:1024160 | URL:http://www.securitytracker.com/id?1024160 | SECUNIA:40333 | URL:http://secunia.com/advisories/40333 | SECUNIA:40762 | URL:http://secunia.com/advisories/40762 | VUPEN:ADV-2010-1918 | URL:http://www.vupen.com/english/advisories/2010/1918";Assigned (20100521);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64845";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64844";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64843";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64843";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64842";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64841";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64840";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3840;Candidate;"The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.";"MISC:http://lists.mysql.com/commits/117094 | CONFIRM:http://bugs.mysql.com/bug.php?id=51875 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640865 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0824 | URL:http://www.redhat.com/support/errata/RHSA-2010-0824.html | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | UBUNTU:USN-1397-1 | URL:http://www.ubuntu.com/usn/USN-1397-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-gislinestringinitfromwkb-dos(64838) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/64838";Assigned (20101007);"None (candidate not yet proposed)";
+0.9.3;0;9;3;CVE-2011-0432;Candidate;"Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.";"CONFIRM:http://code.google.com/p/pywebdav/updates/list | CONFIRM:http://pywebdav.googlecode.com/files/PyWebDAV-0.9.4.1.tar.gz | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=677718 | DEBIAN:DSA-2177 | URL:http://www.debian.org/security/2011/dsa-2177 | FEDORA:FEDORA-2011-2427 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055444.html | FEDORA:FEDORA-2011-2460 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055412.html | FEDORA:FEDORA-2011-2470 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055413.html | BID:46655 | URL:http://www.securityfocus.com/bid/46655 | SECUNIA:43571 | URL:http://secunia.com/advisories/43571 | SECUNIA:43602 | URL:http://secunia.com/advisories/43602 | SECUNIA:43703 | URL:http://secunia.com/advisories/43703 | VUPEN:ADV-2011-0553 | URL:http://www.vupen.com/english/advisories/2011/0553 | VUPEN:ADV-2011-0554 | URL:http://www.vupen.com/english/advisories/2011/0554 | VUPEN:ADV-2011-0634 | URL:http://www.vupen.com/english/advisories/2011/0634";Assigned (20110112);"None (candidate not yet proposed)";
+5.1.62;5;1;62;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77061";Assigned (20120111);"None (candidate not yet proposed)";
+5.5.23;5;5;23;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77061";Assigned (20120111);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17266 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-0574;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | HP:HPSBUX02824 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | HP:SSRT100970 | URL:http://marc.info/?l=bugtraq&m=135109152819176&w=2 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17266 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-0578;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16947 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16947 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.1.60;5;1;60;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53061 | URL:http://www.securityfocus.com/bid/53061 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.5.19;5;5;19;CVE-2012-0583;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier; and 5.5.19 and earlier; allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53061 | URL:http://www.securityfocus.com/bid/53061 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.62;5;1;62;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77065";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.22;5;5;22;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77065";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.19;5;5;19;CVE-2012-1696;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53071 | URL:http://www.securityfocus.com/bid/53071 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-1697;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53064 | URL:http://www.securityfocus.com/bid/53064 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECTRACK:1026934 | URL:http://www.securitytracker.com/id?1026934 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.62;5;1;62;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77064";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.23;5;5;23;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77064";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.23;5;5;23;CVE-2012-1735;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54549 | URL:http://www.securityfocus.com/bid/54549 | OSVDB:83975 | URL:http://osvdb.org/83975 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-serveroptimizer-dos(77060) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77060";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.23;5;5;23;CVE-2012-1756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54524 | URL:http://www.securityfocus.com/bid/54524 | OSVDB:83978 | URL:http://osvdb.org/83978 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-server1-dos(77063) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77063";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.23;5;5;23;CVE-2012-1757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54526 | URL:http://www.securityfocus.com/bid/54526 | OSVDB:83977 | URL:http://osvdb.org/83977 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-innodb1-dos(77062) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/77062";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
+97.15.14;97;15;14;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3144;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-server-cve20123144-dos(79387) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79387";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3147;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-cve20123147(79384) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79384";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3149;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-info-disc(79390) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79390";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.64;5;1;64;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-opt-dos(79388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79388";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3150;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-opt-dos(79388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79388";Assigned (20120606);"None (candidate not yet proposed)";
5.5.25;5;5;25;CVE-2012-3156;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-protocol-cve20123158(79382) | URL:http://xforce.iss.net/xforce/xfdb/79382";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-protocol-cve20123158(79382) | URL:http://xforce.iss.net/xforce/xfdb/79382";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:http://xforce.iss.net/xforce/xfdb/79394";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:http://xforce.iss.net/xforce/xfdb/79394";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:http://xforce.iss.net/xforce/xfdb/79381";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:http://xforce.iss.net/xforce/xfdb/79381";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.64;5;1;64;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-protocol-cve20123158(79382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79382";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3158;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Protocol.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-protocol-cve20123158(79382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79382";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.65;5;1;65;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79394";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.27;5;5;27;CVE-2012-3160;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows local users to affect confidentiality via unknown vectors related to Server Installation.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverinstallation-info-disc(79394) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79394";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.64;5;1;64;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79381";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3163;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | CONFIRM:http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:56509 | URL:http://secunia.com/advisories/56509 | SECUNIA:56513 | URL:http://secunia.com/advisories/56513 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-informationschema-cve20123163(79381) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79381";Assigned (20120606);"None (candidate not yet proposed)";
5.1.63;5;1;63;CVE-2012-3166;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120606);"None (candidate not yet proposed)";
5.5.25;5;5;25;CVE-2012-3166;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.63;5;1;63;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:http://xforce.iss.net/xforce/xfdb/79392";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:http://xforce.iss.net/xforce/xfdb/79392";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.63;5;1;63;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-innodbplugin-dos(79386) | URL:http://xforce.iss.net/xforce/xfdb/79386";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-innodbplugin-dos(79386) | URL:http://xforce.iss.net/xforce/xfdb/79386";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-server-dos(79383) | URL:http://xforce.iss.net/xforce/xfdb/79383";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-server-dos(79383) | URL:http://xforce.iss.net/xforce/xfdb/79383";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.65;5;1;65;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:http://xforce.iss.net/xforce/xfdb/79389";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:http://xforce.iss.net/xforce/xfdb/79389";Assigned (20120606);"None (candidate not yet proposed)";
-5.1.64;5;1;64;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:http://xforce.iss.net/xforce/xfdb/79393";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.26;5;5;26;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:http://xforce.iss.net/xforce/xfdb/79393";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.2.12;5;2;12;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.3.7;5;3;7;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.1.63;5;1;63;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79392";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.25;5;5;25;CVE-2012-3167;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverfulltextsearch-dos(79392) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79392";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.63;5;1;63;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-innodbplugin-dos(79386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79386";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.25;5;5;25;CVE-2012-3173;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier; and 5.5.25 and earlier; allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-innodbplugin-dos(79386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79386";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.65;5;1;65;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-server-dos(79383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79383";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.27;5;5;27;CVE-2012-3177;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-server-dos(79383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79383";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.65;5;1;65;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79389";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.27;5;5;27;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79389";Assigned (20120606);"None (candidate not yet proposed)";
+5.1.64;5;1;64;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79393";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/79393";Assigned (20120606);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.2.11;5;2;11;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.3.6;5;3;6;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.5.24;5;5;24;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
5.1.65;5;1;65;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120921);"None (candidate not yet proposed)";
5.5.27;5;5;27;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120921);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2012-5096;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16877 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16877 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120922);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0367;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17077 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17077 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0368;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17255 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17255 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0371;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16451 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16451 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17175 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17175 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.28;5;1;28;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17175 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17175 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16758 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16758 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16758 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16758 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16632 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16632 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16632 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16632 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16267 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16267 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16267 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16267 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0386;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16835 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16835 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.1.66;5;1;66;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.28;5;5;28;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-5096;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16877 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16877 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120922);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0367;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17077 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17077 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0368;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17255 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17255 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0371;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability; related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16451 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16451 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17175 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.1.28;5;1;28;CVE-2013-0375;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.1.28 and earlier; allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17175 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16758 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16758 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0383;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote attackers to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16758 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16758 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16632 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0384;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Information Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16632 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16267 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0385;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16267 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16267 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0386;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16835 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16835 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.1.66;5;1;66;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.1.67;5;1;67;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
@@ -150,13 +150,13 @@
5.1.63;5;1;63;CVE-2013-1548;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.1.67;5;1;67;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.5.29;5;5;29;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.3.13;5;3;13;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.2.15;5;2;15;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.1.69;5;1;69;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.5.29;5;5;29;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.3.12;5;3;12;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.2.14;5;2;14;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.1.67;5;1;67;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.1.68;5;1;68;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82895";Assigned (20130219);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-2381;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.1.68;5;1;68;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
@@ -164,9 +164,9 @@
5.1.68;5;1;68;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3783;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61210 | URL:http://www.securityfocus.com/bid/61210 | OSVDB:95332 | URL:http://osvdb.org/95332 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133783(85719) | URL:http://xforce.iss.net/xforce/xfdb/85719";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3783;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61210 | URL:http://www.securityfocus.com/bid/61210 | OSVDB:95332 | URL:http://osvdb.org/95332 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133783(85719) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85719";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85710";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85710";Assigned (20130603);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3795;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61241 | URL:http://www.securityfocus.com/bid/61241 | OSVDB:95324 | URL:http://osvdb.org/95324";Assigned (20130603);"None (candidate not yet proposed)";
@@ -174,378 +174,651 @@
5.6.11;5;6;11;CVE-2013-3798;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61274 | URL:http://www.securityfocus.com/bid/61274 | OSVDB:95321 | URL:http://osvdb.org/95321";Assigned (20130603);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.69;5;1;69;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.69;5;1;69;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)";
+5.1.69;5;1;69;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85712";Assigned (20130603);"None (candidate not yet proposed)";
+5.1.69;5;1;69;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85715";Assigned (20130603);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3806;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3811.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95326 | URL:http://osvdb.org/95326 | XF:oracle-cpujuly2013-cve20133806(85713) | URL:http://xforce.iss.net/xforce/xfdb/85713";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3807;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95334 | URL:http://osvdb.org/95334 | XF:oracle-cpujuly2013-cve20133807(85721) | URL:http://xforce.iss.net/xforce/xfdb/85721";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3810;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95337 | URL:http://osvdb.org/95337 | XF:oracle-cpujuly2013-cve20133810(85724) | URL:http://xforce.iss.net/xforce/xfdb/85724";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3811;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3806.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95335 | URL:http://osvdb.org/95335 | XF:oracle-cpujuly2013-cve20133811(85722) | URL:http://xforce.iss.net/xforce/xfdb/85722";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5793.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5786.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:http://xforce.iss.net/xforce/xfdb/90373";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:http://xforce.iss.net/xforce/xfdb/90377";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:http://xforce.iss.net/xforce/xfdb/90374";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:http://xforce.iss.net/xforce/xfdb/90376";Assigned (20130918);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714";Assigned (20131203);"None (candidate not yet proposed)";
-02.565.64;02;565;64;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714";Assigned (20131203);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:http://xforce.iss.net/xforce/xfdb/90383";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:http://xforce.iss.net/xforce/xfdb/90387";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:http://xforce.iss.net/xforce/xfdb/90384";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0433;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64895 | URL:http://www.securityfocus.com/bid/64895 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140433(90375) | URL:http://xforce.iss.net/xforce/xfdb/90375";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66872 | URL:http://www.securityfocus.com/bid/66872";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66853 | URL:http://www.securityfocus.com/bid/66853";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3806;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3811.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95326 | URL:http://osvdb.org/95326 | XF:oracle-cpujuly2013-cve20133806(85713) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85713";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3807;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95334 | URL:http://osvdb.org/95334 | XF:oracle-cpujuly2013-cve20133807(85721) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85721";Assigned (20130603);"None (candidate not yet proposed)";
+5.1.68;5;1;68;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85717";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85709";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85709";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3810;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95337 | URL:http://osvdb.org/95337 | XF:oracle-cpujuly2013-cve20133810(85724) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85724";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3811;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3806.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95335 | URL:http://osvdb.org/95335 | XF:oracle-cpujuly2013-cve20133811(85722) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85722";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85723";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/85723";Assigned (20130603);"None (candidate not yet proposed)";
+5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63113 | URL:http://www.securityfocus.com/bid/63113 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63119 | URL:http://www.securityfocus.com/bid/63119 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5793.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63107 | URL:http://www.securityfocus.com/bid/63107 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5786.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63116 | URL:http://www.securityfocus.com/bid/63116 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63105 | URL:http://www.securityfocus.com/bid/63105 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63105 | URL:http://www.securityfocus.com/bid/63105 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90373";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90377";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90374";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90376";Assigned (20130918);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90389";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | BID:65298 | URL:http://www.securityfocus.com/bid/65298 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714 | SECTRACK:1029708 | URL:http://www.securitytracker.com/id/1029708 | SECUNIA:52161 | URL:http://secunia.com/advisories/52161 | XF:mysql-cve20140001-bo(90901) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90901";Assigned (20131203);"None (candidate not yet proposed)";
+02.565.63;02;565;63;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | BID:65298 | URL:http://www.securityfocus.com/bid/65298 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714 | SECTRACK:1029708 | URL:http://www.securitytracker.com/id/1029708 | SECUNIA:52161 | URL:http://secunia.com/advisories/52161 | XF:mysql-cve20140001-bo(90901) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90901";Assigned (20131203);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.71;5;1;71;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90380";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.71;5;1;71;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90386";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90382";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.71;5;1;71;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90379";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90378";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90388";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90388";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90383";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90387";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90384";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0433;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64895 | URL:http://www.securityfocus.com/bid/64895 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140433(90375) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90375";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/90385";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66872 | URL:http://www.securityfocus.com/bid/66872";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66853 | URL:http://www.securityfocus.com/bid/66853";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0522 | URL:http://rhn.redhat.com/errata/RHSA-2014-0522.html | REDHAT:RHSA-2014:0536 | URL:http://rhn.redhat.com/errata/RHSA-2014-0536.html | REDHAT:RHSA-2014:0537 | URL:http://rhn.redhat.com/errata/RHSA-2014-0537.html | REDHAT:RHSA-2014:0702 | URL:http://rhn.redhat.com/errata/RHSA-2014-0702.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2442;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2444;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2450;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2451;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | XF:oracle-cpujul2014-cve20144207(94624) | URL:http://xforce.iss.net/xforce/xfdb/94624";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68607 | URL:http://www.securityfocus.com/bid/68607 | XF:oracle-cpujul2014-cve20144214(94627) | URL:http://xforce.iss.net/xforce/xfdb/94627";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68598 | URL:http://www.securityfocus.com/bid/68598 | XF:oracle-cpujul2014-cve20144233(94625) | URL:http://xforce.iss.net/xforce/xfdb/94625";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68587 | URL:http://www.securityfocus.com/bid/68587 | XF:oracle-cpujul2014-cve20144238(94623) | URL:http://xforce.iss.net/xforce/xfdb/94623";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68602 | URL:http://www.securityfocus.com/bid/68602 | XF:oracle-cpujul2014-cve20144240(94626) | URL:http://xforce.iss.net/xforce/xfdb/94626";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:72223 | URL:http://www.securityfocus.com/bid/72223 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74081 | URL:http://www.securityfocus.com/bid/74081";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75762 | URL:http://www.securityfocus.com/bid/75762";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75774 | URL:http://www.securityfocus.com/bid/75774";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75760 | URL:http://www.securityfocus.com/bid/75760";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75815 | URL:http://www.securityfocus.com/bid/75815";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75813 | URL:http://www.securityfocus.com/bid/75813";Assigned (20150320);"None (candidate not yet proposed)";
-5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | BID:75785 | URL:http://www.securityfocus.com/bid/75785";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75770 | URL:http://www.securityfocus.com/bid/75770";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77232 | URL:http://www.securityfocus.com/bid/77232";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75844 | URL:http://www.securityfocus.com/bid/75844";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75753 | URL:http://www.securityfocus.com/bid/75753";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75835 | URL:http://www.securityfocus.com/bid/75835";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75781 | URL:http://www.securityfocus.com/bid/75781";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77213 | URL:http://www.securityfocus.com/bid/77213";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77171 | URL:http://www.securityfocus.com/bid/77171";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77171 | URL:http://www.securityfocus.com/bid/77171";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77216 | URL:http://www.securityfocus.com/bid/77216";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77165 | URL:http://www.securityfocus.com/bid/77165";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77165 | URL:http://www.securityfocus.com/bid/77165";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77222 | URL:http://www.securityfocus.com/bid/77222";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77222 | URL:http://www.securityfocus.com/bid/77222";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77134 | URL:http://www.securityfocus.com/bid/77134";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77196 | URL:http://www.securityfocus.com/bid/77196";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77196 | URL:http://www.securityfocus.com/bid/77196";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77237 | URL:http://www.securityfocus.com/bid/77237";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77237 | URL:http://www.securityfocus.com/bid/77237";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77228 | URL:http://www.securityfocus.com/bid/77228";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77228 | URL:http://www.securityfocus.com/bid/77228";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77170 | URL:http://www.securityfocus.com/bid/77170";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77190 | URL:http://www.securityfocus.com/bid/77190";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77190 | URL:http://www.securityfocus.com/bid/77190";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77145 | URL:http://www.securityfocus.com/bid/77145";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77145 | URL:http://www.securityfocus.com/bid/77145";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77137 | URL:http://www.securityfocus.com/bid/77137";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77137 | URL:http://www.securityfocus.com/bid/77137";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77147 | URL:http://www.securityfocus.com/bid/77147";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | BID:77187 | URL:http://www.securityfocus.com/bid/77187";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | BID:77187 | URL:http://www.securityfocus.com/bid/77187";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77132 | URL:http://www.securityfocus.com/bid/77132";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77208 | URL:http://www.securityfocus.com/bid/77208";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77208 | URL:http://www.securityfocus.com/bid/77208";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77140 | URL:http://www.securityfocus.com/bid/77140";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | BID:77140 | URL:http://www.securityfocus.com/bid/77140";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77231 | URL:http://www.securityfocus.com/bid/77231";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77136 | URL:http://www.securityfocus.com/bid/77136";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77219 | URL:http://www.securityfocus.com/bid/77219";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77143 | URL:http://www.securityfocus.com/bid/77143";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:77234 | URL:http://www.securityfocus.com/bid/77234";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77153 | URL:http://www.securityfocus.com/bid/77153";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | BID:77153 | URL:http://www.securityfocus.com/bid/77153";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.28;5;6;28;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-2.17.1;2;17;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-10.0.22;10;0;22;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-2.21.2;2;21;2;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)";
-5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)";
-5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)";
-5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)";
-10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)";
-10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066";Assigned (20151209);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)";
-10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)";
-10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | BID:81810 | URL:http://www.securityfocus.com/bid/81810";Assigned (20160122);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91976 | URL:http://www.securityfocus.com/bid/91976";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91910 | URL:http://www.securityfocus.com/bid/91910";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
-3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)";
-3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-3495;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93670 | URL:http://www.securityfocus.com/bid/93670";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91967 | URL:http://www.securityfocus.com/bid/91967";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91983 | URL:http://www.securityfocus.com/bid/91983";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91906 | URL:http://www.securityfocus.com/bid/91906";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91917 | URL:http://www.securityfocus.com/bid/91917";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91915 | URL:http://www.securityfocus.com/bid/91915";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91974 | URL:http://www.securityfocus.com/bid/91974";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91963 | URL:http://www.securityfocus.com/bid/91963";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.52;5;5;52;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.33;5;6;33;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.15;5;7;15;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-5616;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-5616;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5616;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-5617;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-5617;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5617;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5625;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Packaging.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93617 | URL:http://www.securityfocus.com/bid/93617";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5628;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93662 | URL:http://www.securityfocus.com/bid/93662";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5631;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93684 | URL:http://www.securityfocus.com/bid/93684";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-5632;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93693 | URL:http://www.securityfocus.com/bid/93693";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5633;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-8290.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93702 | URL:http://www.securityfocus.com/bid/93702";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-5635;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93715 | URL:http://www.securityfocus.com/bid/93715";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.52;5;5;52;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.33;5;6;33;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.15;5;7;15;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-10.0.27;10;0;27;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-10.1.17;10;1;17;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | BID:93005 | URL:http://www.securityfocus.com/bid/93005";Assigned (20160909);"None (candidate not yet proposed)";
-7.0.11;7;0;11;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | BID:93005 | URL:http://www.securityfocus.com/bid/93005";Assigned (20160909);"None (candidate not yet proposed)";
-5.5.51;5;5;51;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.32;5;6;32;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.31;5;6;31;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.14;5;7;14;CVE-2016-8286;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93745 | URL:http://www.securityfocus.com/bid/93745";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8287;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93727 | URL:http://www.securityfocus.com/bid/93727";Assigned (20160926);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8289;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93720 | URL:http://www.securityfocus.com/bid/93720";Assigned (20160926);"None (candidate not yet proposed)";
-5.7.13;5;7;13;CVE-2016-8290;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-5633.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93733 | URL:http://www.securityfocus.com/bid/93733";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144207(94624) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94624";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68607 | URL:http://www.securityfocus.com/bid/68607 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144214(94627) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94627";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68598 | URL:http://www.securityfocus.com/bid/68598 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144233(94625) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94625";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68587 | URL:http://www.securityfocus.com/bid/68587 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144238(94623) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94623";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68602 | URL:http://www.securityfocus.com/bid/68602 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144240(94626) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94626";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144243(94628) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94628";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144243(94628) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94628";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144258(94620) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94620";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144258(94620) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94620";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144260(94621) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94621";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144260(94621) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/94621";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100191";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100191";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100185";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100185";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100184";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100184";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100190";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100186";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100186";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | BID:72223 | URL:http://www.securityfocus.com/bid/72223 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100188";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72191 | URL:http://www.securityfocus.com/bid/72191 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100183";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72191 | URL:http://www.securityfocus.com/bid/72191 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100183";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72217 | URL:http://www.securityfocus.com/bid/72217 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100187";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74085 | URL:http://www.securityfocus.com/bid/74085 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74081 | URL:http://www.securityfocus.com/bid/74081 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74112 | URL:http://www.securityfocus.com/bid/74112 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74112 | URL:http://www.securityfocus.com/bid/74112 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+2.2.12;2;2;12;CVE-2015-1027;Candidate;"The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.";"CONFIRM:https://bugs.launchpad.net/percona-toolkit/+bug/1408375 | CONFIRM:https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/";Assigned (20150110);"None (candidate not yet proposed)";
+2.2.8;2;2;8;CVE-2015-1027;Candidate;"The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.";"CONFIRM:https://bugs.launchpad.net/percona-toolkit/+bug/1408375 | CONFIRM:https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027/";Assigned (20150110);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74073 | URL:http://www.securityfocus.com/bid/74073 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74073 | URL:http://www.securityfocus.com/bid/74073 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74095 | URL:http://www.securityfocus.com/bid/74095 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74095 | URL:http://www.securityfocus.com/bid/74095 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74078 | URL:http://www.securityfocus.com/bid/74078 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74078 | URL:http://www.securityfocus.com/bid/74078 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75762 | URL:http://www.securityfocus.com/bid/75762 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75774 | URL:http://www.securityfocus.com/bid/75774 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75760 | URL:http://www.securityfocus.com/bid/75760 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75815 | URL:http://www.securityfocus.com/bid/75815 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75813 | URL:http://www.securityfocus.com/bid/75813 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150320);"None (candidate not yet proposed)";
+5.7.2;5;7;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
+6.1.2;6;1;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | BID:75785 | URL:http://www.securityfocus.com/bid/75785 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3311 | URL:http://www.debian.org/security/2015/dsa-3311 | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | REDHAT:RHSA-2015:1647 | URL:http://rhn.redhat.com/errata/RHSA-2015-1647.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75770 | URL:http://www.securityfocus.com/bid/75770 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77232 | URL:http://www.securityfocus.com/bid/77232 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75844 | URL:http://www.securityfocus.com/bid/75844 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75753 | URL:http://www.securityfocus.com/bid/75753 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75835 | URL:http://www.securityfocus.com/bid/75835 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | GENTOO:GLSA-201610-06 | URL:https://security.gentoo.org/glsa/201610-06 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1646 | URL:http://rhn.redhat.com/errata/RHSA-2015-1646.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75781 | URL:http://www.securityfocus.com/bid/75781 | SECTRACK:1032911 | URL:http://www.securitytracker.com/id/1032911";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77213 | URL:http://www.securityfocus.com/bid/77213 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77171 | URL:http://www.securityfocus.com/bid/77171 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77171 | URL:http://www.securityfocus.com/bid/77171 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77216 | URL:http://www.securityfocus.com/bid/77216 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77165 | URL:http://www.securityfocus.com/bid/77165 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77165 | URL:http://www.securityfocus.com/bid/77165 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77222 | URL:http://www.securityfocus.com/bid/77222 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77222 | URL:http://www.securityfocus.com/bid/77222 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77134 | URL:http://www.securityfocus.com/bid/77134 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77196 | URL:http://www.securityfocus.com/bid/77196 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77196 | URL:http://www.securityfocus.com/bid/77196 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77237 | URL:http://www.securityfocus.com/bid/77237 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77237 | URL:http://www.securityfocus.com/bid/77237 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77228 | URL:http://www.securityfocus.com/bid/77228 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77228 | URL:http://www.securityfocus.com/bid/77228 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77170 | URL:http://www.securityfocus.com/bid/77170 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77190 | URL:http://www.securityfocus.com/bid/77190 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77190 | URL:http://www.securityfocus.com/bid/77190 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77145 | URL:http://www.securityfocus.com/bid/77145 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77145 | URL:http://www.securityfocus.com/bid/77145 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77137 | URL:http://www.securityfocus.com/bid/77137 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77137 | URL:http://www.securityfocus.com/bid/77137 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77147 | URL:http://www.securityfocus.com/bid/77147 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77187 | URL:http://www.securityfocus.com/bid/77187 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2015:1665 | URL:http://rhn.redhat.com/errata/RHSA-2015-1665.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77187 | URL:http://www.securityfocus.com/bid/77187 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77132 | URL:http://www.securityfocus.com/bid/77132 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"EXPLOIT-DB:39867 | URL:https://www.exploit-db.com/exploits/39867/ | MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77208 | URL:http://www.securityfocus.com/bid/77208 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"EXPLOIT-DB:39867 | URL:https://www.exploit-db.com/exploits/39867/ | MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77208 | URL:http://www.securityfocus.com/bid/77208 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77140 | URL:http://www.securityfocus.com/bid/77140 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77140 | URL:http://www.securityfocus.com/bid/77140 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77231 | URL:http://www.securityfocus.com/bid/77231 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77136 | URL:http://www.securityfocus.com/bid/77136 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77219 | URL:http://www.securityfocus.com/bid/77219 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77143 | URL:http://www.securityfocus.com/bid/77143 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77234 | URL:http://www.securityfocus.com/bid/77234 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77153 | URL:http://www.securityfocus.com/bid/77153 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77153 | URL:http://www.securityfocus.com/bid/77153 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.27;5;6;27;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+2.17.0;2;17;0;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+10.0.21;10;0;21;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+2.21.1;2;21;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+5.4.42;5;4;42;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.7.8;5;7;8;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+10.0.22;10;0;22;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+10.1.9;10;1;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.5.46;5;5;46;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+10.0.22;10;0;22;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+10.1.9;10;1;9;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.6.28;5;6;28;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.7.10;5;7;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91976 | URL:http://www.securityfocus.com/bid/91976 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91910 | URL:http://www.securityfocus.com/bid/91910 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.47;5;5;47;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.28;5;6;28;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.9;5;7;9;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.24;10;0;24;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.13;10;1;13;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.24;10;0;24;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.13;10;1;13;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"MISC:https://www.tenable.com/security/research/tra-2016-11 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";
+3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"MISC:https://www.tenable.com/security/research/tra-2016-11 | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93650 | URL:http://www.securityfocus.com/bid/93650 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-3495;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93670 | URL:http://www.securityfocus.com/bid/93670 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91967 | URL:http://www.securityfocus.com/bid/91967 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91983 | URL:http://www.securityfocus.com/bid/91983 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91906 | URL:http://www.securityfocus.com/bid/91906 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91917 | URL:http://www.securityfocus.com/bid/91917 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91915 | URL:http://www.securityfocus.com/bid/91915 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91974 | URL:http://www.securityfocus.com/bid/91974 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91963 | URL:http://www.securityfocus.com/bid/91963 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.47;5;5;47;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.28;5;6;28;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.10;5;7;10;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+10.0.24;10;0;24;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+10.1.13;10;1;13;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1132 | URL:https://access.redhat.com/errata/RHSA-2016:1132 | REDHAT:RHSA-2016:1480 | URL:http://rhn.redhat.com/errata/RHSA-2016-1480.html | REDHAT:RHSA-2016:1481 | URL:http://rhn.redhat.com/errata/RHSA-2016-1481.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987 | SECTRACK:1036362 | URL:http://www.securitytracker.com/id/1036362";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | BID:93678 | URL:http://www.securityfocus.com/bid/93678 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.52;5;5;52;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.33;5;6;33;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.15;5;7;15;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5625;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Packaging.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93617 | URL:http://www.securityfocus.com/bid/93617 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93642 | URL:http://www.securityfocus.com/bid/93642 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5628;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93662 | URL:http://www.securityfocus.com/bid/93662 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93668 | URL:http://www.securityfocus.com/bid/93668 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | BID:93674 | URL:http://www.securityfocus.com/bid/93674 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5631;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93684 | URL:http://www.securityfocus.com/bid/93684 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5632;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93693 | URL:http://www.securityfocus.com/bid/93693 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5633;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-8290.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93702 | URL:http://www.securityfocus.com/bid/93702 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5635;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93715 | URL:http://www.securityfocus.com/bid/93715 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.50;5;5;50;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+10.0.26;10;0;26;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+10.1.16;10;1;16;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2058 | URL:http://rhn.redhat.com/errata/RHSA-2016-2058.html | REDHAT:RHSA-2016:2059 | URL:http://rhn.redhat.com/errata/RHSA-2016-2059.html | REDHAT:RHSA-2016:2060 | URL:http://rhn.redhat.com/errata/RHSA-2016-2060.html | REDHAT:RHSA-2016:2061 | URL:http://rhn.redhat.com/errata/RHSA-2016-2061.html | REDHAT:RHSA-2016:2062 | URL:http://rhn.redhat.com/errata/RHSA-2016-2062.html | REDHAT:RHSA-2016:2077 | URL:http://rhn.redhat.com/errata/RHSA-2016-2077.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92912 | URL:http://www.securityfocus.com/bid/92912 | SECTRACK:1036769 | URL:http://www.securitytracker.com/id/1036769";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+8.0.0;8;0;0;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+10.0.27;10;0;27;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+10.1.17;10;1;17;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.50;5;5;50;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:0184 | URL:http://rhn.redhat.com/errata/RHSA-2017-0184.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.50;5;5;50;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | CONFIRM:https://www.tenable.com/security/tns-2016-19 | GENTOO:GLSA-201611-22 | URL:https://security.gentoo.org/glsa/201611-22 | BID:93005 | URL:http://www.securityfocus.com/bid/93005 | SECTRACK:1036836 | URL:http://www.securitytracker.com/id/1036836";Assigned (20160909);"None (candidate not yet proposed)";
+7.0.10;7;0;10;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | CONFIRM:https://www.tenable.com/security/tns-2016-19 | GENTOO:GLSA-201611-22 | URL:https://security.gentoo.org/glsa/201611-22 | BID:93005 | URL:http://www.securityfocus.com/bid/93005 | SECTRACK:1036836 | URL:http://www.securitytracker.com/id/1036836";Assigned (20160909);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:2130 | URL:http://rhn.redhat.com/errata/RHSA-2016-2130.html | REDHAT:RHSA-2016:2131 | URL:http://rhn.redhat.com/errata/RHSA-2016-2131.html | REDHAT:RHSA-2016:2595 | URL:http://rhn.redhat.com/errata/RHSA-2016-2595.html | REDHAT:RHSA-2016:2749 | URL:http://rhn.redhat.com/errata/RHSA-2016-2749.html | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | BID:93737 | URL:http://www.securityfocus.com/bid/93737 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93755 | URL:http://www.securityfocus.com/bid/93755 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-8286;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93745 | URL:http://www.securityfocus.com/bid/93745 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8287;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93727 | URL:http://www.securityfocus.com/bid/93727 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | BID:93740 | URL:http://www.securityfocus.com/bid/93740 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8289;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93720 | URL:http://www.securityfocus.com/bid/93720 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8290;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-5633.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93733 | URL:http://www.securityfocus.com/bid/93733 | SECTRACK:1037050 | URL:http://www.securitytracker.com/id/1037050";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | BID:95580 | URL:http://www.securityfocus.com/bid/95580 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | BID:95580 | URL:http://www.securityfocus.com/bid/95580 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95557 | URL:http://www.securityfocus.com/bid/95557 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95557 | URL:http://www.securityfocus.com/bid/95557 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101402 | URL:http://www.securityfocus.com/bid/101402 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10155;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101402 | URL:http://www.securityfocus.com/bid/101402 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10165;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101424 | URL:http://www.securityfocus.com/bid/101424 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10167;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101433 | URL:http://www.securityfocus.com/bid/101433 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10227;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101337 | URL:http://www.securityfocus.com/bid/101337 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10227;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101337 | URL:http://www.securityfocus.com/bid/101337 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.5.57;5;5;57;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101390 | URL:http://www.securityfocus.com/bid/101390 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101390 | URL:http://www.securityfocus.com/bid/101390 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10268;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101390 | URL:http://www.securityfocus.com/bid/101390 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101441 | URL:http://www.securityfocus.com/bid/101441 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10276;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101441 | URL:http://www.securityfocus.com/bid/101441 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-10279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101316 | URL:http://www.securityfocus.com/bid/101316 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-10279;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101316 | URL:http://www.securityfocus.com/bid/101316 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101420 | URL:http://www.securityfocus.com/bid/101420 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10283;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101420 | URL:http://www.securityfocus.com/bid/101420 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-10284;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored Procedure). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101385 | URL:http://www.securityfocus.com/bid/101385 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101397 | URL:http://www.securityfocus.com/bid/101397 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10286;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101397 | URL:http://www.securityfocus.com/bid/101397 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10294;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101444 | URL:http://www.securityfocus.com/bid/101444 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10294;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101444 | URL:http://www.securityfocus.com/bid/101444 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-10296;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101373 | URL:http://www.securityfocus.com/bid/101373 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10311;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101446 | URL:http://www.securityfocus.com/bid/101446 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101448 | URL:http://www.securityfocus.com/bid/101448 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10314;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101314 | URL:http://www.securityfocus.com/bid/101314 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10314;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101314 | URL:http://www.securityfocus.com/bid/101314 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101410 | URL:http://www.securityfocus.com/bid/101410 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-10365;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | BID:101429 | URL:http://www.securityfocus.com/bid/101429 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.5.57;5;5;57;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101375 | URL:http://www.securityfocus.com/bid/101375 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101375 | URL:http://www.securityfocus.com/bid/101375 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2017-10378;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.11 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101375 | URL:http://www.securityfocus.com/bid/101375 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.5.57;5;5;57;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101415 | URL:http://www.securityfocus.com/bid/101415 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101415 | URL:http://www.securityfocus.com/bid/101415 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10379;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier; 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101415 | URL:http://www.securityfocus.com/bid/101415 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.5.57;5;5;57;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101406 | URL:http://www.securityfocus.com/bid/101406 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.6.37;5;6;37;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101406 | URL:http://www.securityfocus.com/bid/101406 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2017-10384;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | CONFIRM:https://security.netapp.com/advisory/ntap-20171019-0002/ | DEBIAN:DSA-4002 | URL:http://www.debian.org/security/2017/dsa-4002 | REDHAT:RHSA-2017:3265 | URL:https://access.redhat.com/errata/RHSA-2017:3265 | REDHAT:RHSA-2017:3442 | URL:https://access.redhat.com/errata/RHSA-2017:3442 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:101406 | URL:http://www.securityfocus.com/bid/101406 | SECTRACK:1039597 | URL:http://www.securitytracker.com/id/1039597";Assigned (20170621);"None (candidate not yet proposed)";
+10.1.29;10;1;29;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
+10.2.9;10;2;9;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-15365;Candidate;"sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.";"CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1524234 | CONFIRM:https://github.com/MariaDB/server/commit/0b5a5258abbeaf8a0c3a18c7e753699787fdf46e | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10130-release-notes/ | CONFIRM:https://mariadb.com/kb/en/library/mariadb-10210-release-notes/ | CONFIRM:https://www.percona.com/blog/2017/10/30/percona-xtradb-cluster-5-6-37-26-21-3-is-now-available/ | CONFIRM:https://www.percona.com/doc/percona-xtradb-cluster/LATEST/release-notes/Percona-XtraDB-Cluster-5.7.19-29.22-3.html | FEDORA:FEDORA-2018-0d6a80f496 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELCZV46WIYSJ6VMC65GMNN3A3QDRUJGK/";Assigned (20171015);"None (candidate not yet proposed)";
+5.0.-1;5;0;-1;CVE-2017-16540;Candidate;"OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.";"MISC:http://www.open-emr.org/wiki/index.php/OpenEMR_Patches | MISC:https://isears.github.io/jekyll/update/2017/10/28/openemr-database-disclosure.html | BID:101983 | URL:http://www.securityfocus.com/bid/101983";Assigned (20171104);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95571 | URL:http://www.securityfocus.com/bid/95571 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95571 | URL:http://www.securityfocus.com/bid/95571 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95571 | URL:http://www.securityfocus.com/bid/95571 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3243;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95538 | URL:http://www.securityfocus.com/bid/95538 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95565 | URL:http://www.securityfocus.com/bid/95565 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95565 | URL:http://www.securityfocus.com/bid/95565 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95565 | URL:http://www.securityfocus.com/bid/95565 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95482 | URL:http://www.securityfocus.com/bid/95482 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3256;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95486 | URL:http://www.securityfocus.com/bid/95486 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95589 | URL:http://www.securityfocus.com/bid/95589 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95589 | URL:http://www.securityfocus.com/bid/95589 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95560 | URL:http://www.securityfocus.com/bid/95560 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95560 | URL:http://www.securityfocus.com/bid/95560 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95560 | URL:http://www.securityfocus.com/bid/95560 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95520 | URL:http://www.securityfocus.com/bid/95520 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95520 | URL:http://www.securityfocus.com/bid/95520 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95520 | URL:http://www.securityfocus.com/bid/95520 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95583 | URL:http://www.securityfocus.com/bid/95583 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:95583 | URL:http://www.securityfocus.com/bid/95583 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95501 | URL:http://www.securityfocus.com/bid/95501 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95501 | URL:http://www.securityfocus.com/bid/95501 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95501 | URL:http://www.securityfocus.com/bid/95501 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.55;5;5;55;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client; aka; ""The Riddle"".";"MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) | URL:http://www.openwall.com/lists/oss-security/2017/03/17/3 | MISC:http://riddle.link/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97023 | URL:http://www.securityfocus.com/bid/97023 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue allows man-in-the-middle attackers to hijack the authentication of users by leveraging incorrect ordering of security parameter verification in a client; aka; ""The Riddle"".";"MLIST:[oss-security] 20170317 CVE-2017-3305 - The Riddle vulnerability in MySQL client (public disclosure) | URL:http://www.openwall.com/lists/oss-security/2017/03/17/3 | MISC:http://riddle.link/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97023 | URL:http://www.securityfocus.com/bid/97023 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+3.1.6;3;1;6;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+3.2.1182;3;2;1182;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+3.3.2;3;3;2;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+3.1.6;3;1;6;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+3.2.1182;3;2;1182;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+3.3.2;3;3;2;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97725 | URL:http://www.securityfocus.com/bid/97725 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97725 | URL:http://www.securityfocus.com/bid/97725 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97725 | URL:http://www.securityfocus.com/bid/97725 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97742 | URL:http://www.securityfocus.com/bid/97742 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97742 | URL:http://www.securityfocus.com/bid/97742 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97742 | URL:http://www.securityfocus.com/bid/97742 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95491 | URL:http://www.securityfocus.com/bid/95491 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95491 | URL:http://www.securityfocus.com/bid/95491 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95491 | URL:http://www.securityfocus.com/bid/95491 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95527 | URL:http://www.securityfocus.com/bid/95527 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95527 | URL:http://www.securityfocus.com/bid/95527 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3809 | URL:http://www.debian.org/security/2017/dsa-3809 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95527 | URL:http://www.securityfocus.com/bid/95527 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95585 | URL:http://www.securityfocus.com/bid/95585 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95585 | URL:http://www.securityfocus.com/bid/95585 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95585 | URL:http://www.securityfocus.com/bid/95585 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95588 | URL:http://www.securityfocus.com/bid/95588 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95588 | URL:http://www.securityfocus.com/bid/95588 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | DEBIAN:DSA-3767 | URL:http://www.debian.org/security/2017/dsa-3767 | DEBIAN:DSA-3770 | URL:http://www.debian.org/security/2017/dsa-3770 | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | GENTOO:GLSA-201702-18 | URL:https://security.gentoo.org/glsa/201702-18 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:95588 | URL:http://www.securityfocus.com/bid/95588 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3319;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95479 | URL:http://www.securityfocus.com/bid/95479 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | GENTOO:GLSA-201702-17 | URL:https://security.gentoo.org/glsa/201702-17 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:95470 | URL:http://www.securityfocus.com/bid/95470 | SECTRACK:1037640 | URL:http://www.securitytracker.com/id/1037640";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | BID:97763 | URL:http://www.securityfocus.com/bid/97763 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | BID:97763 | URL:http://www.securityfocus.com/bid/97763 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | BID:97763 | URL:http://www.securityfocus.com/bid/97763 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97772 | URL:http://www.securityfocus.com/bid/97772 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97772 | URL:http://www.securityfocus.com/bid/97772 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97747 | URL:http://www.securityfocus.com/bid/97747 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97747 | URL:http://www.securityfocus.com/bid/97747 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3452;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97779 | URL:http://www.securityfocus.com/bid/97779 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97776 | URL:http://www.securityfocus.com/bid/97776 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97776 | URL:http://www.securityfocus.com/bid/97776 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97776 | URL:http://www.securityfocus.com/bid/97776 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3454;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97791 | URL:http://www.securityfocus.com/bid/97791 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97820 | URL:http://www.securityfocus.com/bid/97820 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97831 | URL:http://www.securityfocus.com/bid/97831 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97831 | URL:http://www.securityfocus.com/bid/97831 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97831 | URL:http://www.securityfocus.com/bid/97831 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3457;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97845 | URL:http://www.securityfocus.com/bid/97845 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3458;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97837 | URL:http://www.securityfocus.com/bid/97837 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3459;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97847 | URL:http://www.securityfocus.com/bid/97847 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3460;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97826 | URL:http://www.securityfocus.com/bid/97826 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97812 | URL:http://www.securityfocus.com/bid/97812 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97812 | URL:http://www.securityfocus.com/bid/97812 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97812 | URL:http://www.securityfocus.com/bid/97812 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97851 | URL:http://www.securityfocus.com/bid/97851 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97851 | URL:http://www.securityfocus.com/bid/97851 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97851 | URL:http://www.securityfocus.com/bid/97851 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97849 | URL:http://www.securityfocus.com/bid/97849 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97849 | URL:http://www.securityfocus.com/bid/97849 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97849 | URL:http://www.securityfocus.com/bid/97849 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97818 | URL:http://www.securityfocus.com/bid/97818 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97818 | URL:http://www.securityfocus.com/bid/97818 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:97818 | URL:http://www.securityfocus.com/bid/97818 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3465;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97822 | URL:http://www.securityfocus.com/bid/97822 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3467;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97825 | URL:http://www.securityfocus.com/bid/97825 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3468;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:97848 | URL:http://www.securityfocus.com/bid/97848 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3529;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99746 | URL:http://www.securityfocus.com/bid/99746 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"EXPLOIT-DB:41954 | URL:https://www.exploit-db.com/exploits/41954/ | MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97754 | URL:http://www.securityfocus.com/bid/97754 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"EXPLOIT-DB:41954 | URL:https://www.exploit-db.com/exploits/41954/ | MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:97754 | URL:http://www.securityfocus.com/bid/97754 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:97765 | URL:http://www.securityfocus.com/bid/97765 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:97765 | URL:http://www.securityfocus.com/bid/97765 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | DEBIAN:DSA-3834 | URL:http://www.debian.org/security/2017/dsa-3834 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:97765 | URL:http://www.securityfocus.com/bid/97765 | SECTRACK:1038287 | URL:http://www.securitytracker.com/id/1038287";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3633;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99722 | URL:http://www.securityfocus.com/bid/99722 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3633;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99722 | URL:http://www.securityfocus.com/bid/99722 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99729 | URL:http://www.securityfocus.com/bid/99729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3634;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99729 | URL:http://www.securityfocus.com/bid/99729 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.56;5;5;56;CVE-2017-3636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99736 | URL:http://www.securityfocus.com/bid/99736 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3636;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99736 | URL:http://www.securityfocus.com/bid/99736 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3637;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99748 | URL:http://www.securityfocus.com/bid/99748 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3638;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99778 | URL:http://www.securityfocus.com/bid/99778 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3639;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99753 | URL:http://www.securityfocus.com/bid/99753 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99765 | URL:http://www.securityfocus.com/bid/99765 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.56;5;5;56;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99767 | URL:http://www.securityfocus.com/bid/99767 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99767 | URL:http://www.securityfocus.com/bid/99767 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3641;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99767 | URL:http://www.securityfocus.com/bid/99767 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3642;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99779 | URL:http://www.securityfocus.com/bid/99779 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3643;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99772 | URL:http://www.securityfocus.com/bid/99772 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3644;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99775 | URL:http://www.securityfocus.com/bid/99775 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99783 | URL:http://www.securityfocus.com/bid/99783 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3646;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99786 | URL:http://www.securityfocus.com/bid/99786 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99796 | URL:http://www.securityfocus.com/bid/99796 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99796 | URL:http://www.securityfocus.com/bid/99796 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.56;5;5;56;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99789 | URL:http://www.securityfocus.com/bid/99789 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99789 | URL:http://www.securityfocus.com/bid/99789 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3648;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99789 | URL:http://www.securityfocus.com/bid/99789 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3649;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99799 | URL:http://www.securityfocus.com/bid/99799 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3649;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99799 | URL:http://www.securityfocus.com/bid/99799 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3650;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | BID:99808 | URL:http://www.securityfocus.com/bid/99808 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.56;5;5;56;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:99802 | URL:http://www.securityfocus.com/bid/99802 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:99802 | URL:http://www.securityfocus.com/bid/99802 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3651;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2016:2927 | URL:http://rhn.redhat.com/errata/RHSA-2016-2927.html | REDHAT:RHSA-2016:2928 | URL:http://rhn.redhat.com/errata/RHSA-2016-2928.html | REDHAT:RHSA-2017:2192 | URL:https://access.redhat.com/errata/RHSA-2017:2192 | BID:99802 | URL:http://www.securityfocus.com/bid/99802 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.56;5;5;56;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99805 | URL:http://www.securityfocus.com/bid/99805 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99805 | URL:http://www.securityfocus.com/bid/99805 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3652;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | BID:99805 | URL:http://www.securityfocus.com/bid/99805 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.56;5;5;56;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99810 | URL:http://www.securityfocus.com/bid/99810 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.36;5;6;36;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99810 | URL:http://www.securityfocus.com/bid/99810 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.18;5;7;18;CVE-2017-3653;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier; 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html | DEBIAN:DSA-3922 | URL:http://www.debian.org/security/2017/dsa-3922 | DEBIAN:DSA-3944 | URL:http://www.debian.org/security/2017/dsa-3944 | DEBIAN:DSA-3955 | URL:https://www.debian.org/security/2017/dsa-3955 | REDHAT:RHSA-2017:2886 | URL:https://access.redhat.com/errata/RHSA-2017:2886 | REDHAT:RHSA-2017:2787 | URL:https://access.redhat.com/errata/RHSA-2017:2787 | REDHAT:RHSA-2018:0279 | URL:https://access.redhat.com/errata/RHSA-2018:0279 | REDHAT:RHSA-2018:0574 | URL:https://access.redhat.com/errata/RHSA-2018:0574 | BID:99810 | URL:http://www.securityfocus.com/bid/99810 | SECTRACK:1038928 | URL:http://www.securitytracker.com/id/1038928";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.58;5;5;58;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102713 | URL:http://www.securityfocus.com/bid/102713 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102713 | URL:http://www.securityfocus.com/bid/102713 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2018-2562;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102713 | URL:http://www.securityfocus.com/bid/102713 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2565;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102712 | URL:http://www.securityfocus.com/bid/102712 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2573;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102710 | URL:http://www.securityfocus.com/bid/102710 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2573;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102710 | URL:http://www.securityfocus.com/bid/102710 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2576;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102695 | URL:http://www.securityfocus.com/bid/102695 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2583;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102708 | URL:http://www.securityfocus.com/bid/102708 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2583;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102708 | URL:http://www.securityfocus.com/bid/102708 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2586;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102700 | URL:http://www.securityfocus.com/bid/102700 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2590;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102697 | URL:http://www.securityfocus.com/bid/102697 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2590;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102697 | URL:http://www.securityfocus.com/bid/102697 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2591;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | BID:102714 | URL:http://www.securityfocus.com/bid/102714 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.19;5;7;19;CVE-2018-2591;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | BID:102714 | URL:http://www.securityfocus.com/bid/102714 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102696 | URL:http://www.securityfocus.com/bid/102696 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2612;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102709 | URL:http://www.securityfocus.com/bid/102709 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2612;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102709 | URL:http://www.securityfocus.com/bid/102709 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.58;5;5;58;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102706 | URL:http://www.securityfocus.com/bid/102706 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102706 | URL:http://www.securityfocus.com/bid/102706 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2622;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102706 | URL:http://www.securityfocus.com/bid/102706 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.58;5;5;58;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102678 | URL:http://www.securityfocus.com/bid/102678 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102678 | URL:http://www.securityfocus.com/bid/102678 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2640;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102678 | URL:http://www.securityfocus.com/bid/102678 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102698 | URL:http://www.securityfocus.com/bid/102698 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2645;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102698 | URL:http://www.securityfocus.com/bid/102698 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2646;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102703 | URL:http://www.securityfocus.com/bid/102703 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102711 | URL:http://www.securityfocus.com/bid/102711 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2647;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102711 | URL:http://www.securityfocus.com/bid/102711 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.58;5;5;58;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102681 | URL:http://www.securityfocus.com/bid/102681 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102681 | URL:http://www.securityfocus.com/bid/102681 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2665;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102681 | URL:http://www.securityfocus.com/bid/102681 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2667;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102685 | URL:http://www.securityfocus.com/bid/102685 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.58;5;5;58;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102682 | URL:http://www.securityfocus.com/bid/102682 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102682 | URL:http://www.securityfocus.com/bid/102682 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2668;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior; 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | DEBIAN:DSA-4091 | URL:https://www.debian.org/security/2018/dsa-4091 | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | UBUNTU:USN-3537-2 | URL:https://usn.ubuntu.com/3537-2/ | BID:102682 | URL:http://www.securityfocus.com/bid/102682 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2696;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102701 | URL:http://www.securityfocus.com/bid/102701 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2696;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102701 | URL:http://www.securityfocus.com/bid/102701 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.38;5;6;38;CVE-2018-2703;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102704 | URL:http://www.securityfocus.com/bid/102704 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.20;5;7;20;CVE-2018-2703;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180117-0002/ | REDHAT:RHSA-2018:0586 | URL:https://access.redhat.com/errata/RHSA-2018:0586 | REDHAT:RHSA-2018:0587 | URL:https://access.redhat.com/errata/RHSA-2018:0587 | UBUNTU:USN-3537-1 | URL:https://usn.ubuntu.com/3537-1/ | BID:102704 | URL:http://www.securityfocus.com/bid/102704 | SECTRACK:1040216 | URL:http://www.securitytracker.com/id/1040216";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103807 | URL:http://www.securityfocus.com/bid/103807 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103807 | URL:http://www.securityfocus.com/bid/103807 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2755;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103807 | URL:http://www.securityfocus.com/bid/103807 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103802 | URL:http://www.securityfocus.com/bid/103802 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2758;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103802 | URL:http://www.securityfocus.com/bid/103802 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2759;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103780 | URL:http://www.securityfocus.com/bid/103780 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103820 | URL:http://www.securityfocus.com/bid/103820 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103820 | URL:http://www.securityfocus.com/bid/103820 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2761;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103820 | URL:http://www.securityfocus.com/bid/103820 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2762;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103794 | URL:http://www.securityfocus.com/bid/103794 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2766;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103805 | URL:http://www.securityfocus.com/bid/103805 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2766;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103805 | URL:http://www.securityfocus.com/bid/103805 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2769;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103876 | URL:http://www.securityfocus.com/bid/103876 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103828 | URL:http://www.securityfocus.com/bid/103828 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103828 | URL:http://www.securityfocus.com/bid/103828 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2771;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103828 | URL:http://www.securityfocus.com/bid/103828 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103811 | URL:http://www.securityfocus.com/bid/103811 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103811 | URL:http://www.securityfocus.com/bid/103811 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2773;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103811 | URL:http://www.securityfocus.com/bid/103811 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2775;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103777 | URL:http://www.securityfocus.com/bid/103777 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2776;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103791 | URL:http://www.securityfocus.com/bid/103791 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2777;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103781 | URL:http://www.securityfocus.com/bid/103781 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2778;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103785 | URL:http://www.securityfocus.com/bid/103785 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2779;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103787 | URL:http://www.securityfocus.com/bid/103787 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2780;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103778 | URL:http://www.securityfocus.com/bid/103778 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103825 | URL:http://www.securityfocus.com/bid/103825 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103825 | URL:http://www.securityfocus.com/bid/103825 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2781;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103825 | URL:http://www.securityfocus.com/bid/103825 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2782;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103799 | URL:http://www.securityfocus.com/bid/103799 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2782;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103799 | URL:http://www.securityfocus.com/bid/103799 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103801 | URL:http://www.securityfocus.com/bid/103801 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2784;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103801 | URL:http://www.securityfocus.com/bid/103801 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2786;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103779 | URL:http://www.securityfocus.com/bid/103779 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2787;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103804 | URL:http://www.securityfocus.com/bid/103804 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2787;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103804 | URL:http://www.securityfocus.com/bid/103804 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2805;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Supported versions that are affected are 5.6.39 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | BID:103831 | URL:http://www.securityfocus.com/bid/103831 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2810;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103783 | URL:http://www.securityfocus.com/bid/103783 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2812;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103836 | URL:http://www.securityfocus.com/bid/103836 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103830 | URL:http://www.securityfocus.com/bid/103830 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103830 | URL:http://www.securityfocus.com/bid/103830 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2813;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103830 | URL:http://www.securityfocus.com/bid/103830 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2816;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103789 | URL:http://www.securityfocus.com/bid/103789 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103818 | URL:http://www.securityfocus.com/bid/103818 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103818 | URL:http://www.securityfocus.com/bid/103818 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2817;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103818 | URL:http://www.securityfocus.com/bid/103818 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103824 | URL:http://www.securityfocus.com/bid/103824 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103824 | URL:http://www.securityfocus.com/bid/103824 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2818;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103824 | URL:http://www.securityfocus.com/bid/103824 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.5.59;5;5;59;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103814 | URL:http://www.securityfocus.com/bid/103814 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.6.39;5;6;39;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103814 | URL:http://www.securityfocus.com/bid/103814 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2819;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior; 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"MLIST:[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update | URL:https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | DEBIAN:DSA-4176 | URL:https://www.debian.org/security/2018/dsa-4176 | REDHAT:RHSA-2018:1254 | URL:https://access.redhat.com/errata/RHSA-2018:1254 | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | UBUNTU:USN-3629-2 | URL:https://usn.ubuntu.com/3629-2/ | BID:103814 | URL:http://www.securityfocus.com/bid/103814 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2839;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103845 | URL:http://www.securityfocus.com/bid/103845 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";
+5.7.21;5;7;21;CVE-2018-2846;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html | CONFIRM:https://security.netapp.com/advisory/ntap-20180419-0002/ | UBUNTU:USN-3629-1 | URL:https://usn.ubuntu.com/3629-1/ | BID:103790 | URL:http://www.securityfocus.com/bid/103790 | SECTRACK:1040698 | URL:http://www.securitytracker.com/id/1040698";Assigned (20171215);"None (candidate not yet proposed)";