National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:mariadb:mariadb:5.5.21
There are 59 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2017-15365

sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.

Published: January 25, 2018; 11:29:00 AM -05:00
V3: 8.8 HIGH
V2: 6.5 MEDIUM
CVE-2017-15945

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link.

Published: October 27, 2017; 05:29:00 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2017-3302

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

Published: February 11, 2017; 11:59:00 PM -05:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2016-6663

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.

Published: December 13, 2016; 04:59:00 PM -05:00
V3: 7.0 HIGH
V2: 4.4 MEDIUM
CVE-2016-8283

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.

Published: October 25, 2016; 10:31:53 AM -04:00
V3: 4.3 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5635

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.

Published: October 25, 2016; 10:31:51 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5634

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR.

Published: October 25, 2016; 10:31:50 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5633

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.

Published: October 25, 2016; 10:31:49 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5632

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.

Published: October 25, 2016; 10:31:48 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5631

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.

Published: October 25, 2016; 10:31:46 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5628

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.

Published: October 25, 2016; 10:31:43 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-5625

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging.

Published: October 25, 2016; 10:31:39 AM -04:00
V3: 7.0 HIGH
V2: 4.4 MEDIUM
CVE-2016-5609

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Published: October 25, 2016; 10:31:22 AM -04:00
V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-3495

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

Published: October 25, 2016; 10:29:11 AM -04:00
V3: 4.9 MEDIUM
V2: 6.8 MEDIUM
CVE-2016-3492

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Published: October 25, 2016; 10:29:10 AM -04:00
V3: 6.5 MEDIUM
V2: 6.8 MEDIUM
CVE-2016-6662

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Published: September 20, 2016; 02:59:00 PM -04:00
V3: 9.8 CRITICAL
V2: 10.0 HIGH
CVE-2016-5444

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.

Published: July 21, 2016; 06:14:57 AM -04:00
V3: 3.7 LOW
V2: 4.3 MEDIUM
CVE-2016-5440

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.

Published: July 21, 2016; 06:14:53 AM -04:00
V3: 4.9 MEDIUM
V2: 4.0 MEDIUM
CVE-2016-3615

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.

Published: July 21, 2016; 06:14:49 AM -04:00
V3: 5.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3521

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.

Published: July 21, 2016; 06:13:15 AM -04:00
V3: 6.5 MEDIUM
V2: 6.8 MEDIUM