rpm package
suse/mariadb&distro=SUSE OpenStack Cloud Crowbar 8
pkg:rpm/suse/mariadb&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Vulnerabilities (62)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-2627 | — | < 10.0.40.1-29.32.1 | 10.0.40.1-29.32.1 | Apr 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with networ | ||
| CVE-2019-2614 | — | < 10.0.40.1-29.32.1 | 10.0.40.1-29.32.1 | Apr 23, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces | ||
| CVE-2019-2537 | — | < 10.2.22-4.11.1 | 10.2.22-4.11.1 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult | ||
| CVE-2019-2529 | — | < 10.0.38-29.27.3 | 10.0.38-29.27.3 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via | ||
| CVE-2019-2510 | — | < 10.2.22-4.11.1 | 10.2.22-4.11.1 | Jan 16, 2019 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-19039 | — | < 10.2.25-4.14.2 | 10.2.25-4.14.2 | Dec 13, 2018 | Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. | ||
| CVE-2018-3284 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to com | ||
| CVE-2018-3282 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacke | ||
| CVE-2018-3277 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-3251 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p | ||
| CVE-2018-3200 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-3185 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-3174 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with | ||
| CVE-2018-3173 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-3162 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr | ||
| CVE-2018-3156 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p | ||
| CVE-2018-3143 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Oct 17, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p | ||
| CVE-2018-15727 | — | < 10.2.25-4.14.2 | 10.2.25-4.14.2 | Aug 29, 2018 | Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. | ||
| CVE-2018-3066 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Jul 18, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access vi | ||
| CVE-2018-3064 | — | < 10.2.21-4.8.1 | 10.2.21-4.8.1 | Jul 18, 2018 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p |
- CVE-2019-2627Apr 23, 2019affected < 10.0.40.1-29.32.1fixed 10.0.40.1-29.32.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with networ
- CVE-2019-2614Apr 23, 2019affected < 10.0.40.1-29.32.1fixed 10.0.40.1-29.32.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces
- CVE-2019-2537Jan 16, 2019affected < 10.2.22-4.11.1fixed 10.2.22-4.11.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult
- CVE-2019-2529Jan 16, 2019affected < 10.0.38-29.27.3fixed 10.0.38-29.27.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
- CVE-2019-2510Jan 16, 2019affected < 10.2.22-4.11.1fixed 10.2.22-4.11.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-19039Dec 13, 2018affected < 10.2.25-4.14.2fixed 10.2.25-4.14.2
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
- CVE-2018-3284Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to com
- CVE-2018-3282Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacke
- CVE-2018-3277Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-3251Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
- CVE-2018-3200Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-3185Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-3174Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with
- CVE-2018-3173Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-3162Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr
- CVE-2018-3156Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
- CVE-2018-3143Oct 17, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
- CVE-2018-15727Aug 29, 2018affected < 10.2.25-4.14.2fixed 10.2.25-4.14.2
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
- CVE-2018-3066Jul 18, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access vi
- CVE-2018-3064Jul 18, 2018affected < 10.2.21-4.8.1fixed 10.2.21-4.8.1
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
Page 2 of 4