Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.1 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H).

...

Oracle MySQL Server 5.7.x < 5.7.42 (Apr 2023 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 5.7.41 and...

CVE-2023-21980

CVE-2023-21980 affects Oracle MySQL Server in the Client programs component. Affected: MySQL 5.7.x up to 5.7.41 and MySQL 8.0.x up to 8.0.32. The flaw can be triggered by network access via multiple protocols, with low privileges and required user interaction, potentially allowing takeover of the...

SUSE CVE-2015-4819

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs...

SUSE CVE-2017-3636

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server execut...

SUSE CVE-2017-10379

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

SUSE CVE-2018-3174

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the...

MariaDB 10.0.0 < 10.0.32 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.0.32. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.32 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected...

MariaDB 10.1.0 < 10.1.33 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.33. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.33 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.3...

MariaDB 10.2.0 < 10.2.8 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.2.8. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.2.8 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected ar...

RLSA-2022:7119 Moderate: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.30. Security Fixes: mysql: Server: DML multiple unspecified...

Moderate: mysql security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.30. BZ2122589 Security Fixes: mysql: Server: Optimizer multiple...

[SECURITY] Fedora 35 Update: community-mysql-8.0.28-1.fc35

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

[SECURITY] Fedora 33 Update: community-mysql-8.0.26-1.fc33

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

EulerOS 2.0 SP3 : mariadb (EulerOS-SA-2021-1815)

According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.46 and prior, 5.7.28 a...

[SECURITY] Fedora 33 Update: postgresql-12.6-1.fc33

PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...

[SECURITY] Fedora 32 Update: mariadb-10.4.16-1.fc32

MariaDB is a community developed branch of MySQL - a multi-user, multi-thre aded SQL database server. It is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an...

Fedora: Security Advisory for mariadb (FEDORA-2020-b995eb2973)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-15157

In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign...

CVE-2020-15157 containerd can be coerced into leaking credentials during image pull

In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer otherwise known as a “foreign...