rpm package

suse/mariadb&distro=SUSE Linux Enterprise Software Development Kit 12

pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012

Vulnerabilities (92)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2015-2326		—	< 10.0.20-18.1	10.0.20-18.1	Jan 14, 2020	The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference,
CVE-2015-2325		—	< 10.0.20-18.1	10.0.20-18.1	Jan 14, 2020	The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward refere
CVE-2015-3152	Med	5.9	< 10.0.20-18.1	10.0.20-18.1	May 16, 2016	Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack
CVE-2016-0668	Med	4.1	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0666	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
CVE-2016-0655	Med	4.7	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0651	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CVE-2016-0650	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.
CVE-2016-0649	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.
CVE-2016-0648	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.
CVE-2016-0647	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.
CVE-2016-0646	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.
CVE-2016-0644	Med	5.5	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
CVE-2016-0643	Low	3.3	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.
CVE-2016-0642	Med	4.7	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CVE-2016-0641	Med	5.1	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.
CVE-2016-0640	Med	6.1	< 10.0.25-20.6.1	10.0.25-20.6.1	Apr 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
CVE-2016-2047	Med	5.9	< 10.0.25-20.6.1	10.0.25-20.6.1	Jan 27, 2016	The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname m
CVE-2016-0616		—	< 10.0.25-20.6.1	10.0.25-20.6.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0609		—	< 10.0.25-20.6.1	10.0.25-20.6.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.

CVE-2015-2326Jan 14, 2020
affected < 10.0.20-18.1fixed 10.0.20-18.1
The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference,
CVE-2015-2325Jan 14, 2020
affected < 10.0.20-18.1fixed 10.0.20-18.1
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward refere
CVE-2015-3152MedMay 16, 2016
affected < 10.0.20-18.1fixed 10.0.20-18.1
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack
CVE-2016-0668MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0666MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges.
CVE-2016-0655MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB.
CVE-2016-0651MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CVE-2016-0650MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to Replication.
CVE-2016-0649MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS.
CVE-2016-0648MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS.
CVE-2016-0647MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS.
CVE-2016-0646MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DML.
CVE-2016-0644MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
CVE-2016-0643LowApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.
CVE-2016-0642MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
CVE-2016-0641MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM.
CVE-2016-0640MedApr 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML.
CVE-2016-2047MedJan 27, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname m
CVE-2016-0616Jan 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0609Jan 21, 2016
affected < 10.0.25-20.6.1fixed 10.0.25-20.6.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.

Page 1 of 5