rpm package
suse/mariadb104&distro=SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS
Vulnerabilities (219)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-3291 | Med | 6.3 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to | |
| CVE-2017-3265 | Med | 5.6 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to | |
| CVE-2017-3258 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via | |
| CVE-2017-3257 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to | |
| CVE-2017-3244 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via | |
| CVE-2017-3243 | Med | 4.4 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M | |
| CVE-2017-3238 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jan 27, 2017 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce | |
| CVE-2016-6664 | Hig | 7.0 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Dec 13, 2016 | mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before | |
| CVE-2016-6663 | Hig | 7.0 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Dec 13, 2016 | Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Perco | |
| CVE-2016-7440 | Med | 5.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Dec 13, 2016 | The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences. | |
| CVE-2016-8283 | Med | 4.3 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. | |
| CVE-2016-5629 | Med | 4.9 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated. | |
| CVE-2016-5626 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. | |
| CVE-2016-5624 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. | |
| CVE-2016-5584 | Med | 4.4 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption. | |
| CVE-2016-3492 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Oct 25, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | |
| CVE-2016-6662 | Cri | 9.8 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Sep 20, 2016 | Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary c | |
| CVE-2016-5440 | Med | 4.9 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jul 21, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR. | |
| CVE-2016-3615 | Med | 5.3 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jul 21, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML. | |
| CVE-2016-3521 | Med | 6.5 | < 10.4.30-150100.3.5.10 | 10.4.30-150100.3.5.10 | Jul 21, 2016 | Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types. |
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise M
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acce
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Perco
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary c
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.
- affected < 10.4.30-150100.3.5.10fixed 10.4.30-150100.3.5.10
Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.
Page 8 of 11