VYPR

rpm package

suse/mariadb104&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5

pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Vulnerabilities (219)

  • CVE-2020-13249May 20, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Or

  • CVE-2020-2814Apr 15, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple proto

  • CVE-2020-2812Apr 15, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access

  • CVE-2020-2760Apr 15, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise

  • CVE-2020-2752Apr 15, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple proto

  • CVE-2019-18901Mar 2, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Li

  • CVE-2020-7221Feb 4, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect t

  • CVE-2020-2574Jan 15, 2020
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot

  • CVE-2019-2974Oct 16, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mult

  • CVE-2019-2938Oct 16, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromi

  • CVE-2019-2805Jul 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mu

  • CVE-2019-2758Jul 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr

  • CVE-2019-2740Jul 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multi

  • CVE-2019-2739Jul 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon

  • CVE-2019-2737Jul 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network acc

  • CVE-2019-2628Apr 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr

  • CVE-2019-2627Apr 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with networ

  • CVE-2019-2614Apr 23, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces

  • CVE-2019-2537Jan 16, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mult

  • CVE-2019-2510Jan 16, 2019
    affected < 10.4.30-8.5.46fixed 10.4.30-8.5.46

    Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compr

Page 4 of 11