U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:oracle:mysql:5.5.51:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 236 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2016-6663

Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.

Published: December 13, 2016; 4:59:00 PM -0500
V4.0:(not available)
V3.0: 7.0 HIGH
V2.0: 4.4 MEDIUM
CVE-2016-7440

The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.

Published: December 13, 2016; 11:59:10 AM -0500
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-8290

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633.

Published: October 25, 2016; 10:32:01 AM -0400
V4.0:(not available)
V3.0: 4.4 MEDIUM
V2.0: 3.5 LOW
CVE-2016-8289

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.

Published: October 25, 2016; 10:32:00 AM -0400
V4.0:(not available)
V3.0: 4.7 MEDIUM
V2.0: 3.3 LOW
CVE-2016-8287

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.

Published: October 25, 2016; 10:31:58 AM -0400
V4.0:(not available)
V3.0: 4.5 MEDIUM
V2.0: 3.5 LOW
CVE-2016-8286

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.

Published: October 25, 2016; 10:31:57 AM -0400
V4.0:(not available)
V3.0: 3.1 LOW
V2.0: 3.5 LOW
CVE-2016-8283

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.

Published: October 25, 2016; 10:31:53 AM -0400
V4.0:(not available)
V3.0: 4.3 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5635

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.

Published: October 25, 2016; 10:31:51 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5634

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR.

Published: October 25, 2016; 10:31:50 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5633

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.

Published: October 25, 2016; 10:31:49 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5632

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.

Published: October 25, 2016; 10:31:48 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5631

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.

Published: October 25, 2016; 10:31:46 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5629

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.

Published: October 25, 2016; 10:31:44 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5628

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.

Published: October 25, 2016; 10:31:43 AM -0400
V4.0:(not available)
V3.1: 4.9 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5626

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Published: October 25, 2016; 10:31:40 AM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5624

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML.

Published: October 25, 2016; 10:31:38 AM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2016-5584

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

Published: October 25, 2016; 10:30:54 AM -0400
V4.0:(not available)
V3.1: 4.4 MEDIUM
V2.0: 3.5 LOW
CVE-2016-3492

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

Published: October 25, 2016; 10:29:10 AM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 6.8 MEDIUM
CVE-2016-6662

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.

Published: September 20, 2016; 2:59:00 PM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2016-5443

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.

Published: July 21, 2016; 6:14:56 AM -0400
V4.0:(not available)
V3.0: 4.7 MEDIUM
V2.0: 1.2 LOW