rpm package

suse/mariadb&distro=SUSE Linux Enterprise Server 12-LTSS

pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS

Vulnerabilities (64)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-3317	Med	4.0	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infras
CVE-2017-3313	Med	4.7	< 10.0.30-20.26.1	10.0.30-20.26.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the
CVE-2017-3312	Med	6.7	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to t
CVE-2017-3291	Med	6.3	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3265	Med	5.6	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3258	Med	6.5	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3257	Med	6.5	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to
CVE-2017-3244	Med	6.5	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3243	Med	4.4	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2017-3238	Med	6.5	< 10.0.29-20.23.1	10.0.29-20.23.1	Jan 27, 2017	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2016-6664	Hig	7.0	< 10.0.29-20.23.1	10.0.29-20.23.1	Dec 13, 2016	mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before
CVE-2016-6663	Hig	7.0	< 10.0.28-20.16.2	10.0.28-20.16.2	Dec 13, 2016	Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Perco
CVE-2016-7440	Med	5.5	< 10.0.28-20.16.2	10.0.28-20.16.2	Dec 13, 2016	The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2016-8283	Med	4.3	< 10.0.28-20.16.2	10.0.28-20.16.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2016-5629	Med	4.9	< 10.0.28-20.16.2	10.0.28-20.16.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
CVE-2016-5626	Med	6.5	< 10.0.28-20.16.2	10.0.28-20.16.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2016-5624	Med	6.5	< 10.0.28-20.16.2	10.0.28-20.16.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-5584	Med	4.4	< 10.0.28-20.16.2	10.0.28-20.16.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
CVE-2016-3492	Med	6.5	< 10.0.28-20.16.2	10.0.28-20.16.2	Oct 25, 2016	Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
CVE-2016-6662	Cri	9.8	< 10.0.27-20.13.1	10.0.27-20.13.1	Sep 20, 2016	Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary c

CVE-2017-3317MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infras
CVE-2017-3313MedJan 27, 2017
affected < 10.0.30-20.26.1fixed 10.0.30-20.26.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the
CVE-2017-3312MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to t
CVE-2017-3291MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3265MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
CVE-2017-3258MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3257MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to
CVE-2017-3244MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
CVE-2017-3243MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
CVE-2017-3238MedJan 27, 2017
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
CVE-2016-6664HigDec 13, 2016
affected < 10.0.29-20.23.1fixed 10.0.29-20.23.1
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before
CVE-2016-6663HigDec 13, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Perco
CVE-2016-7440MedDec 13, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
CVE-2016-8283MedOct 25, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
CVE-2016-5629MedOct 25, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
CVE-2016-5626MedOct 25, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2016-5624MedOct 25, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-5584MedOct 25, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
CVE-2016-3492MedOct 25, 2016
affected < 10.0.28-20.16.2fixed 10.0.28-20.16.2
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
CVE-2016-6662CriSep 20, 2016
affected < 10.0.27-20.13.1fixed 10.0.27-20.13.1
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary c

Page 3 of 4