rpm package

suse/mysql&distro=SUSE Linux Enterprise Desktop 11 SP3

pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3

Vulnerabilities (60)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2015-3152	Med	5.9	< 5.5.45-0.11.1	5.5.45-0.11.1	May 16, 2016	Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack
CVE-2015-7744	Med	5.9	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 22, 2016	wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA k
CVE-2016-0616		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0609		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
CVE-2016-0608		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.
CVE-2016-0606		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
CVE-2016-0600		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2016-0598		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-0597		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0596		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-0546		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client.
CVE-2016-0505		—	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
CVE-2016-0502	Med	6.5	< 5.5.47-0.17.1	5.5.47-0.17.1	Jan 21, 2016	Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2015-4913		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 22, 2015	Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
CVE-2015-4910		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 22, 2015	Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
CVE-2015-4905		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 22, 2015	Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.
CVE-2015-4904		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 22, 2015	Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.
CVE-2015-4895		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 21, 2015	Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2015-4890		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 21, 2015	Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.
CVE-2015-4879		—	< 5.5.46-0.14.1	5.5.46-0.14.1	Oct 21, 2015	Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.

CVE-2015-3152MedMay 16, 2016
affected < 5.5.45-0.11.1fixed 5.5.45-0.11.1
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack
CVE-2015-7744MedJan 22, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA k
CVE-2016-0616Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0609Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to privileges.
CVE-2016-0608Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF.
CVE-2016-0606Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption.
CVE-2016-0600Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2016-0598Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-0597Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2016-0596Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML.
CVE-2016-0546Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client.
CVE-2016-0505Jan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.
CVE-2016-0502MedJan 21, 2016
affected < 5.5.47-0.17.1fixed 5.5.47-0.17.1
Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVE-2015-4913Oct 22, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
CVE-2015-4910Oct 22, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
CVE-2015-4905Oct 22, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.
CVE-2015-4904Oct 22, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.
CVE-2015-4895Oct 21, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
CVE-2015-4890Oct 21, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.
CVE-2015-4879Oct 21, 2015
affected < 5.5.46-0.14.1fixed 5.5.46-0.14.1
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.

Page 1 of 3