rpm package
suse/mariadb&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2752 | — | < 10.2.32-3.28.2 | 10.2.32-3.28.2 | Apr 15, 2020 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto | ||
| CVE-2019-18901 | — | < 10.2.31-3.25.1 | 10.2.31-3.25.1 | Mar 2, 2020 | A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Li | ||
| CVE-2020-2574 | — | < 10.2.31-3.25.1 | 10.2.31-3.25.1 | Jan 15, 2020 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot | ||
| CVE-2019-2974 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Oct 16, 2019 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mult | ||
| CVE-2019-2938 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Oct 16, 2019 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromi | ||
| CVE-2019-2805 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Jul 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mu | ||
| CVE-2019-2758 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Jul 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2019-2740 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Jul 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multi | ||
| CVE-2019-2739 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Jul 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon | ||
| CVE-2019-2737 | — | < 10.2.29-3.22.1 | 10.2.29-3.22.1 | Jul 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network acc |
- CVE-2020-2752Apr 15, 2020affected < 10.2.32-3.28.2fixed 10.2.32-3.28.2
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto
- CVE-2019-18901Mar 2, 2020affected < 10.2.31-3.25.1fixed 10.2.31-3.25.1
A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Li
- CVE-2020-2574Jan 15, 2020affected < 10.2.31-3.25.1fixed 10.2.31-3.25.1
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot
- CVE-2019-2974Oct 16, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mult
- CVE-2019-2938Oct 16, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromi
- CVE-2019-2805Jul 23, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mu
- CVE-2019-2758Jul 23, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2019-2740Jul 23, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multi
- CVE-2019-2739Jul 23, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon
- CVE-2019-2737Jul 23, 2019affected < 10.2.29-3.22.1fixed 10.2.29-3.22.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network acc
Page 3 of 3