diff -Nru mysqltuner-1.6.18/build/updateCVElist.pl mysqltuner-1.7.2/build/updateCVElist.pl
--- mysqltuner-1.6.18/build/updateCVElist.pl 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/build/updateCVElist.pl 2017-05-17 15:38:17.000000000 +0000
@@ -64,9 +64,11 @@
foreach my $vers (uniq(@versions)) {
my @nb=split('\.', $vers);
+ $nb[2]-- if ($line =~ /before/i);
#print $vers."\n".Dumper @nb;
- #exit 0;
- $f->write_file('file' => '../vulnerabilities.csv', 'content' => "$vers;$nb[0];$nb[1];$nb[2];$line\n", 'mode' => 'append');
+ #print "$line";
+ #exit 0 if ($line =~/before/i) ;
+ $f->write_file('file' => '../vulnerabilities.csv', 'content' => "$nb[0].$nb[1].$nb[2];$nb[0];$nb[1];$nb[2];$line\n", 'mode' => 'append');
}
}
}
diff -Nru mysqltuner-1.6.18/build/updateStaff.sh mysqltuner-1.7.2/build/updateStaff.sh
--- mysqltuner-1.6.18/build/updateStaff.sh 1970-01-01 00:00:00.000000000 +0000
+++ mysqltuner-1.7.2/build/updateStaff.sh 2017-05-17 15:38:17.000000000 +0000
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+(cd ..
+echo "* GENERATING USAGE FILE"
+pod2markdown mysqltuner.pl >USAGE.md
+echo "* TIDYFY SCRIPT"
+perltidy -b mysqltuner.pl
+)
+echo "* Udate CVE list"
+perl updateCVElist.pl
+
+git add ../vulnerabilities.csv ../mysqltuner.pl ./USAGE.md
+git commit -m 'Update Vulnerabilities list
+Identing mysqltuner
+Update Usage information'
\ No newline at end of file
diff -Nru mysqltuner-1.6.18/CONTRIBUTING.md mysqltuner-1.7.2/CONTRIBUTING.md
--- mysqltuner-1.6.18/CONTRIBUTING.md 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/CONTRIBUTING.md 2017-05-17 15:38:17.000000000 +0000
@@ -27,7 +27,7 @@
respect the opinions of others.
-##Before submitting an issue##
+## Before submitting an issue
1. Upgrade to the latest version of MySQLTuner and see if the problem remains
@@ -47,7 +47,7 @@
Guidelines for bug reports:
-1. **Use the [GitHub issue search](https://github.com/major/MySQLTuner-perl/search?type=Issues)** — check if the issue has already been
+1. **Use the [GitHub issue search]** — check if the issue has already been
reported.
2. **Check if the bug has already been fixed** — try to reproduce it using the
@@ -100,13 +100,13 @@
project), maintenance burden and general usefulness.
Creating something great often means saying no to seemingly good ideas. Don't
-dispair if your feature request isn't accepted, take action! Fork the
+despair if your feature request isn't accepted, take action! Fork the
repository, build your idea and share it with others. We released MySQLTuner under
the MIT License for this purpose precisely. Open source works best when smart
and dedicated people riff off of each others' ideas to make even greater things.
-## New feature request ##
-* You can find Enhancement asked by community at [Enhancement issue](https://github.com/major/MySQLTuner-perl/labels/enhancement)
+## New feature request
+You can find Enhancement asked by community at [Enhancement issue]
## Pull requests
@@ -153,8 +153,7 @@
git checkout -b
```
-4. Commit your changes in logical chunks. Please adhere to these [git commit
- message guidelines](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html)
+4. Commit your changes in logical chunks. Please adhere to these [git commit message guidelines]
or your code is unlikely be merged into the main project. Use Git's
[interactive rebase](https://help.github.com/articles/interactive-rebase)
feature to tidy up your commits before making them public.
@@ -171,18 +170,23 @@
git push origin
```
-7. [Open a Pull Request](https://help.github.com/articles/using-pull-requests/)
- with a clear title and description.
+7. [Open a Pull Request] with a clear title and description.
**IMPORTANT**: By submitting a patch, you agree to allow the project owner to
-license your work under the [GPLv3 License](https://en.wikipedia.org/wiki/GNU_General_Public_License).
+license your work under the [GPLv3 License].
-Copy of the license is available at [LICENSE](https://github.com/major/MySQLTuner-perl/blob/master/LICENSE)
+Copy of the license is available at [LICENSE]
-#### MySQLTuner Code Conventions
+## MySQLTuner Code Conventions
1. Check code convention using **perltidy** and **perlcritic**
2. Don't manually update the version number in `mysqltuner.pl`.
-
+
+[Enhancement issue]:https://github.com/major/MySQLTuner-perl/labels/enhancement
+[GitHub issue search]:https://github.com/major/MySQLTuner-perl/search?type=Issues
+[git commit message guidelines]:http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
+[Open a Pull Request]:https://help.github.com/articles/using-pull-requests/
+[GPLv3 License]:https://en.wikipedia.org/wiki/GNU_General_Public_License
+[LICENSE]:https://github.com/major/MySQLTuner-perl/blob/master/LICENSE
diff -Nru mysqltuner-1.6.18/debian/changelog mysqltuner-1.7.2/debian/changelog
--- mysqltuner-1.6.18/debian/changelog 2016-10-13 10:28:02.000000000 +0000
+++ mysqltuner-1.7.2/debian/changelog 2017-07-06 10:35:34.000000000 +0000
@@ -1,3 +1,11 @@
+mysqltuner (1.7.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ * New Standards-Version: 4.0.0
+ * fix to recommends metapackage default-mysql-server. (Closes: #848442)
+
+ -- KURASHIKI Satoru Thu, 06 Jul 2017 19:35:34 +0900
+
mysqltuner (1.6.18-1) unstable; urgency=medium
* New upstream release.
diff -Nru mysqltuner-1.6.18/debian/control mysqltuner-1.7.2/debian/control
--- mysqltuner-1.6.18/debian/control 2016-10-13 10:28:00.000000000 +0000
+++ mysqltuner-1.7.2/debian/control 2017-07-06 10:35:34.000000000 +0000
@@ -3,15 +3,15 @@
Priority: extra
Maintainer: KURASHIKI Satoru
Build-Depends: debhelper (>= 9), perl (>= 5.6)
-Standards-Version: 3.9.8
+Standards-Version: 4.0.0
Homepage: http://mysqltuner.com
-Vcs-Git: git://anonscm.debian.org/collab-maint/mysqltuner.git
-Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/mysqltuner.git
+Vcs-Git: https://anonscm.debian.org/git/collab-maint/mysqltuner.git/
+Vcs-Browser: https://anonscm.debian.org/git/collab-maint/mysqltuner.git/
Package: mysqltuner
Architecture: all
Depends: ${misc:Depends}, ${perl:Depends}
-Recommends: mysql-server | virtual-mysql-server
+Recommends: default-mysql-server | virtual-mysql-server
, libtext-template-perl
Description: high-performance MySQL tuning script
High-performance MySQL tuning script written in perl that will provide
diff -Nru mysqltuner-1.6.18/debian/rules mysqltuner-1.7.2/debian/rules
--- mysqltuner-1.6.18/debian/rules 2016-10-13 10:26:17.000000000 +0000
+++ mysqltuner-1.7.2/debian/rules 2017-07-06 10:35:34.000000000 +0000
@@ -7,6 +7,7 @@
dh $@
override_dh_auto_install:
+ chmod -x *.csv
pod2man mysqltuner.pl > mysqltuner.1
dh_auto_install
install -m 755 mysqltuner.pl debian/mysqltuner/usr/bin/
diff -Nru mysqltuner-1.6.18/.gitignore mysqltuner-1.7.2/.gitignore
--- mysqltuner-1.6.18/.gitignore 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/.gitignore 2017-05-17 15:38:17.000000000 +0000
@@ -3,3 +3,4 @@
build/build.log
build/cve*
build/vulnerabilities*
+*.bak
diff -Nru mysqltuner-1.6.18/INTERNALS.md mysqltuner-1.7.2/INTERNALS.md
--- mysqltuner-1.6.18/INTERNALS.md 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/INTERNALS.md 2017-05-17 15:38:17.000000000 +0000
@@ -17,13 +17,18 @@
* [Global buffer information](#mysqltuner-global-buffer-information)
* [Query cache checks](#mysqltuner-query-cache-checks)
* [Slow queries checks](#mysqltuner-slow-queries-checks)
+* [ThreadPool information](#mysqltuner-threadpool-information)
* [Replication checks](#mysqltuner-replication-checks)
* [InnoDB information](#mysqltuner-innodb-information)
-* [ARIADB information](#mysqltuner-ariadb-information)
* [MYISAM information](#mysqltuner-myisam-information)
-* [GALERA information](#mysqltuner-galera-information)
+* [ARIADB information](#mysqltuner-ariadb-information)
+* [XTRADB information](#mysqltuner-xtradb-information)
* [TOKUDB information](#mysqltuner-tokudb-information)
-* [ThreadPool information](#mysqltuner-threadpool-information)
+* [ROCKDB information](#mysqltuner-rockdb-information)
+* [CONNECT information](#mysqltuner-connect-information)
+* [SPIDER information](#mysqltuner-spider-information)
+* [GALERA information](#mysqltuner-galera-information)
+* [Performance Schema information](#mysqltuner-performance-schema-and-sysschema-information)
## MySQLTuner steps
@@ -244,6 +249,10 @@
* Joiner(Try to reach cluster group)
* SYNCED state able to read/write
* wsrep_cluster_conf_id configuration level must be identical in all nodes
+* wsrep_slave_thread is between 3 or 4 times number of CPU core.
+* gcs.limit should be equal to wsrep_slave_threads * 5
+* gcs.fc_factor should be equal to 0.8
+* Flow control fraction should be lower than 0.02 (wsrep_flow_control_paused < 0.02)
* wsrep_last_commited committed level must be identical in all nodes
* Look for tables without primary keys
* Look for non InnoDB tables for Galera
@@ -265,7 +274,123 @@
* tokudb_cleaner_iterations
* tokudb_fanout
+## MySQLTuner XtraDB information
+
+* Nothing for the moment
+
+## MySQLTuner Connect information
+
+* Nothing for the moment
+
+## MySQLTuner Spider information
+
+* Nothing for the moment
+
+## MySQLTuner RocksDb information
+
+* Nothing for the moment
+
## MySQLTuner Thread pool information
* thread_pool_size between 16 to 36 for Innodb usage
* thread_pool_size between 4 to 8 for MyIsam usage
+
+## MySQLTuner performance schema and sysschema information
+* Check that Performance schema is activated for 5.6+ version
+* Check that Performance schema is disactivated for 5.5- version
+* Check that Sys schema is installed
+* sys Schema version
+* Top user per connection
+* Top user per statement
+* Top user per statement latency
+* Top user per lock latency
+* Top user per full scans
+* Top user per row_sent
+* Top user per row modified
+* Top user per io
+* Top user per io latency
+* Top host per connection
+* Top host per statement
+* Top host per statement latency
+* Top host per lock latency
+* Top host per full scans
+* Top host per rows sent
+* Top host per rows modified
+* Top host per io
+* Top 5 host per io latency
+* Top IO type order by total io
+* Top IO type order by total latency
+* Top IO type order by max latency
+* Top Stages order by total io
+* Top Stages order by total latency
+* Top Stages order by avg latency
+* Top host per table scans
+* InnoDB Buffer Pool by schema
+* InnoDB Buffer Pool by table
+* Process per allocated memory
+* InnoDB Lock Waits
+* Threads IO Latency
+* High Cost SQL statements
+* Top 5% slower queries
+* Top 10 nb statement type
+* Top statement by total latency
+* Top statement by lock latency
+* Top statement by full scans
+* Top statement by rows sent
+* Top statement by rows modified
+* Use temporary tables
+* Unused Indexes
+* Full table scans
+* Latest file IO by latency
+* File by IO read bytes
+* File by IO written bytes
+* File per IO total latency
+* File per IO read latency
+* File per IO write latency
+* Event Wait by read bytes
+* Event Wait by write bytes
+* Event per wait total latency
+* Event per wait read latency
+* Event per wait write latency
+* TOP 15 most read indexes
+* TOP 15 most modified indexes
+* TOP 15 high select latency index
+* TOP 15 high insert latency index
+* TOP 15 high update latency index
+* TOP 15 high delete latency index
+* TOP 15 most read tables
+* TOP 15 most modified tables
+* TOP 15 high select latency tables
+* TOP 15 high insert latency tables
+* TOP 15 high update latency tables
+* TOP 15 high delete latency tables
+* Redundant indexes
+* Tables not using InnoDb buffer
+* Top 15 Tables using InnoDb buffer
+* Top 15 Tables with InnoDb buffer free
+* Top 15 Most executed queries
+* Latest SQL queries in errors or warnings
+* Top 20 queries with full table scans
+* TOP 15 reader queries (95% percentile)
+* TOP 15 row look queries (95% percentile)
+* TOP 15 total latency queries (95% percentile)
+* TOP 15 max latency queries (95% percentile)
+* TOP 15 average latency queries (95% percentile)
+* Top 20 queries with sort
+* Last 50 queries with sort
+* TOP 15 row sorting queries with sort
+* TOP 15 total latency queries with sort
+* TOP 15 merge queries with sort
+* TOP 15 average sort merges queries with sort
+* TOP 15 scans queries with sort
+* TOP 15 range queries with sort
+* Top 20 queries with temp table
+* Last 50 queries with temp table
+* TOP 15 total latency queries with temp table
+* TOP 15 queries with temp table to disk
+* TOP 15 class events by number
+* TOP 30 events by number
+* TOP 15 class events by total latency
+* TOP 30 events by total latency
+* TOP 15 class events by max latency
+* TOP 30 events by max latency
\ No newline at end of file
diff -Nru mysqltuner-1.6.18/mysqltuner.pl mysqltuner-1.7.2/mysqltuner.pl
--- mysqltuner-1.6.18/mysqltuner.pl 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/mysqltuner.pl 2017-05-17 15:38:17.000000000 +0000
@@ -1,7 +1,7 @@
#!/usr/bin/env perl
-# mysqltuner.pl - Version 1.6.18
+# mysqltuner.pl - Version 1.7.2
# High Performance MySQL Tuning Script
-# Copyright (C) 2006-2016 Major Hayden - major@mhtx.net
+# Copyright (C) 2006-2017 Major Hayden - major@mhtx.net
#
# For the latest updates, please visit http://mysqltuner.com/
# Git repository available at http://github.com/major/MySQLTuner-perl
@@ -31,6 +31,7 @@
# Simon Greenaway Adam Stein Isart Montane
# Baptiste M. Cole Turner Major Hayden
# Joe Ashcraft Jean-Marie Renouard Christian Loos
+# Julien Francoz
#
# Inspired by Matthew Montgomery's tuning-primer.sh script:
# http://forge.mysql.com/projects/view.php?id=44
@@ -54,7 +55,7 @@
#use Env;
# Set up a few variables for use in the script
-my $tunerversion = "1.6.18";
+my $tunerversion = "1.7.2";
my ( @adjvars, @generalrec );
# Set defaults
@@ -84,13 +85,15 @@
"dbstat" => 0,
"idxstat" => 0,
"sysstat" => 0,
+ "pfstat" => 0,
"skippassword" => 0,
"noask" => 0,
"template" => 0,
"json" => 0,
"prettyjson" => 0,
"reportfile" => 0,
- "verbose" => 0
+ "verbose" => 0,
+ "defaults-file" => '',
);
# Gather the options from the command line
@@ -113,7 +116,9 @@
'cvefile=s', 'bannedports=s',
'updateversion', 'maxportallowed=s',
'verbose', 'sysstat',
- 'password=s',
+ 'password=s', 'pfstat',
+ 'passenv=s', 'userenv=s',
+ 'defaults-file=s'
);
#If params are incorrect return help
@@ -141,7 +146,10 @@
. " --socket Use a different socket for a local connection\n"
. " --port Port to use for connection (default: 3306)\n"
. " --user Username to use for authentication\n"
+ . " --userenv Name of env variable which contains username to use for authentication\n"
. " --pass Password to use for authentication\n"
+ . " --passenv Name of env variable which contains password to use for authentication\n"
+ . " --defaults-file Path to a custom .my.cnf\n"
. " --mysqladmin Path to a custom mysqladmin executable\n"
. " --mysqlcmd Path to a custom mysql executable\n" . "\n"
. " --noask Don't ask password if needed\n" . "\n"
@@ -163,9 +171,10 @@
. " --dbstat Print database information\n"
. " --idxstat Print index information\n"
. " --sysstat Print system information\n"
+ . " --pfstat Print Performance schema information\n"
. " --bannedports Ports banned separated by comma(,)\n"
. " --maxportallowed Number of ports opened allowed on this hosts\n"
- . " --cvefile CVE File for vulnerability checks\n"
+ . " --cvefile CVE File for vulnerability checks\n"
. " --nocolor Don't print output in color\n"
. " --json Print result as JSON string\n"
. " --prettyjson Print result as human readable JSON\n"
@@ -184,7 +193,15 @@
? abs_path( dirname(__FILE__) ) . "/basic_passwords.txt"
: abs_path( $opt{passwordfile} );
+# Username from envvar
+if ( exists $opt{userenv} && exists $ENV{ $opt{userenv} } ) {
+ $opt{user} = $ENV{ $opt{userenv} };
+}
+
# Related to password option
+if ( exists $opt{passenv} && exists $ENV{ $opt{passenv} } ) {
+ $opt{pass} = $ENV{ $opt{passenv} };
+}
$opt{pass} = $opt{password} if ( $opt{pass} eq 0 and $opt{password} ne 0 );
# for RPM distributions
@@ -198,6 +215,7 @@
$opt{idxstat} = 1; #Print index information
$opt{sysstat} = 1; #Print index information
$opt{buffers} = 1; #Print global and per-thread buffer values
+ $opt{pfstat} = 1; #Print performance schema info.
$opt{cvefile} = 'vulnerabilities.csv'; #CVE File for vulnerability checks
}
@@ -282,9 +300,18 @@
infoprintcmd "$_[1]";
}
+# Calculates the number of phyiscal cores considering HyperThreading
+sub cpu_cores {
+ my $cntCPU = `awk -F: '/^core id/ && !P[\$2] { CORES++; P[\$2]=1 }; /^physical id/ && !N[\$2] { CPUs++; N[\$2]=1 }; END { print CPUs*CORES }' /proc/cpuinfo`;
+ return ( $cntCPU == 0 ? `nproc` : $cntCPU );
+}
+
# Calculates the parameter passed in bytes, then rounds it to one decimal place
sub hr_bytes {
my $num = shift;
+ return "0B" unless defined($num);
+ return "0B" if $num eq "NULL";
+
if ( $num >= ( 1024**3 ) ) { #GB
return sprintf( "%.1f", ( $num / ( 1024**3 ) ) ) . "G";
}
@@ -299,10 +326,32 @@
}
}
+sub hr_raw {
+ my $num = shift;
+ return "0" unless defined($num);
+ return "0" if $num eq "NULL";
+ if ( $num =~ /^(\d+)G$/ ) {
+ return $1 * 1024 * 1024 * 1024;
+ }
+ if ( $num =~ /^(\d+)M$/ ) {
+ return $1 * 1024 * 1024;
+ }
+ if ( $num =~ /^(\d+)K$/ ) {
+ return $1 * 1024;
+ }
+ if ( $num =~ /^(\d+)$/ ) {
+ return $1;
+ }
+ return $num;
+}
+
# Calculates the parameter passed in bytes, then rounds it to the nearest integer
sub hr_bytes_rnd {
my $num = shift;
- if ( $num >= ( 1024**3 ) ) { #GB
+ return "0B" unless defined($num);
+ return "0B" if $num eq "NULL";
+
+ if ( $num >= ( 1024**3 ) ) { #GB
return int( ( $num / ( 1024**3 ) ) ) . "G";
}
elsif ( $num >= ( 1024**2 ) ) { #MB
@@ -338,6 +387,7 @@
my $value = shift;
my $total = shift;
$total = 0 unless defined $total;
+ $total = 0 if $total eq "NULL";
return 100, 00 if $total == 0;
return sprintf( "%.2f", ( $value * 100 / $total ) );
}
@@ -487,16 +537,15 @@
}
my $update;
- my $url =
-"https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl";
+ my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl";
my $httpcli = get_http_cli();
if ( $httpcli =~ /curl$/ ) {
debugprint "$httpcli is available.";
debugprint
-"$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2";
+"$httpcli -m 3 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2";
$update =
-`$httpcli --connect-timeout 5 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2`;
+`$httpcli -m 3 -silent '$url' 2>/dev/null | grep 'my \$tunerversion'| cut -d\\\" -f2`;
chomp($update);
debugprint "VERSION: $update";
@@ -508,15 +557,18 @@
debugprint "$httpcli is available.";
debugprint
-"$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2";
+"$httpcli -e timestamping=off -t 1 -T 3 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2";
$update =
-`$httpcli -e timestamping=off -T 5 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`;
+`$httpcli -e timestamping=off -t 1 -T 3 -O - '$url' 2>$devnull| grep 'my \$tunerversion'| cut -d\\\" -f2`;
chomp($update);
compare_tuner_version($update);
return;
}
debugprint "curl and wget are not available.";
infoprint "Unable to check for the latest MySQLTuner version";
+ infoprint
+"Using --pass and --password option is insecure during MySQLTuner execution(Password disclosure)"
+ if ( defined( $opt{'pass'} ) );
}
# Checks for updates to MySQLTuner
@@ -527,7 +579,6 @@
return;
}
- #use Cwd;
my $update;
my $url = "https://raw.githubusercontent.com/major/MySQLTuner-perl/master/";
my @scripts =
@@ -542,9 +593,9 @@
debugprint "$httpcli is available.";
debugprint
- "$httpcli --connect-timeout 5 '$url$script' 2>$devnull > $script";
+ "$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $script";
$update =
- `$httpcli --connect-timeout 5 '$url$script' 2>$devnull > $script`;
+ `$httpcli --connect-timeout 3 '$url$script' 2>$devnull > $script`;
chomp($update);
debugprint "$script updated: $update";
@@ -561,9 +612,9 @@
debugprint "$httpcli is available.";
debugprint
- "$httpcli -qe timestamping=off -T 5 -O $script '$url$script'";
+ "$httpcli -qe timestamping=off -t 1 -T 3 -O $script '$url$script'";
$update =
- `$httpcli -qe timestamping=off -T 5 -O $script '$url$script'`;
+ `$httpcli -qe timestamping=off -t 1 -T 3 -O $script '$url$script'`;
chomp($update);
if ( -s $script eq 0 ) {
@@ -598,7 +649,7 @@
#exit 0;
if ( $remoteversion ne $tunerversion ) {
badprint
- "There is a new version of MySQLTuner available ($remoteversion)";
+ "There is a new version of MySQLTuner available($remoteversion)";
update_tuner_version();
return;
}
@@ -664,15 +715,16 @@
debugprint "MySQL Client: $mysqlcmd";
+ $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port};
+
# Are we being asked to connect via a socket?
if ( $opt{socket} ne 0 ) {
- $remotestring = " -S $opt{socket}";
+ $remotestring = " -S $opt{socket} -P $opt{port}";
}
-
+
# Are we being asked to connect to a remote server?
if ( $opt{host} ne 0 ) {
chomp( $opt{host} );
- $opt{port} = ( $opt{port} eq 0 ) ? 3306 : $opt{port};
# If we're doing a remote connection, but forcemem wasn't specified, we need to exit
if ( $opt{'forcemem'} eq 0
@@ -687,6 +739,8 @@
if ( ( $opt{host} ne "127.0.0.1" ) && ( $opt{host} ne "localhost" ) ) {
$doremote = 1;
}
+ } else {
+ $opt{host}='127.0.0.1';
}
# Did we already get a username without password on the command line?
@@ -800,6 +854,20 @@
exit 1;
}
}
+ elsif ( $opt{'defaults-file'} ne 0 and -r "$opt{'defaults-file'}" ) {
+
+ # defaults-file
+ debugprint "defaults file detected: $opt{'defaults-file'}";
+ my $mysqlclidefaults = `$mysqlcmd --print-defaults`;
+ debugprint "MySQL Client Default File: $opt{'defaults-file'}";
+
+ $mysqllogin = "--defaults-file=" . $opt{'defaults-file'};
+ my $loginstatus = `$mysqladmincmd $mysqllogin ping 2>&1`;
+ if ( $loginstatus =~ /mysqld is alive/ ) {
+ goodprint "Logged in using credentials from defaults file account.";
+ return 1;
+ }
+ }
else {
# It's not Plesk or debian, we should try a login
debugprint "$mysqladmincmd $remotestring ping 2>&1";
@@ -854,7 +922,7 @@
$mysqllogin = "-u $name";
if ( length($password) > 0 ) {
- $mysqllogin .= " -p\"$password\"";
+ $mysqllogin .= " -p'$password'";
}
$mysqllogin .= $remotestring;
my $loginstatus = `$mysqladmincmd ping $mysqllogin 2>&1`;
@@ -994,6 +1062,11 @@
$myvar{'have_innodb'} = "NO";
}
+ # Support GTID MODE FOR MARIADB
+ # Issue MariaDB GTID mode #272
+ $myvar{'gtid_mode'} = $myvar{'gtid_strict_mode'}
+ if ( defined( $myvar{'gtid_strict_mode'} ) );
+
$myvar{'have_threadpool'} = "NO";
if ( defined( $myvar{'thread_pool_size'} )
and $myvar{'thread_pool_size'} > 0 )
@@ -1047,6 +1120,11 @@
grep { $_ ne '' } @_;
}
+sub grep_file_contents {
+ my $file = shift;
+ my $patt;
+}
+
sub get_file_contents {
my $file = shift;
open( my $fh, "<", $file ) or die "Can't open $file for read: $!";
@@ -1060,6 +1138,98 @@
return get_file_contents(shift);
}
+sub log_file_recommandations {
+ subheaderprint "Log file Recommendations";
+ infoprint "Log file: "
+ . $myvar{'log_error'} . "("
+ . hr_bytes_rnd( ( stat $myvar{'log_error'} )[7] ) . ")";
+ if ( -f "$myvar{'log_error'}" ) {
+ goodprint "Log file $myvar{'log_error'} exists";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} doesn't exist";
+ }
+ if ( -r "$myvar{'log_error'}" ) {
+ goodprint "Log file $myvar{'log_error'} is readable.";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} isn't readable.";
+ return;
+ }
+ if ( ( stat $myvar{'log_error'} )[7] > 0 ) {
+ goodprint "Log file $myvar{'log_error'} is not empty";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} is empty";
+ }
+
+ if ( ( stat $myvar{'log_error'} )[7] < 32 * 1024 * 1024 ) {
+ goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb";
+ }
+ else {
+ badprint "Log file $myvar{'log_error'} is bigger than 32 Mb";
+ push @generalrec,
+ $myvar{'log_error'}
+ . " is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!";
+ }
+
+ my @log_content = get_file_contents( $myvar{'log_error'} );
+
+ my $numLi = 0;
+ my $nbWarnLog = 0;
+ my $nbErrLog = 0;
+ my @lastShutdowns;
+ my @lastStarts;
+ foreach my $logLi (@log_content) {
+ $numLi++;
+ debugprint "$numLi: $logLi" if $logLi =~ /warning|error/i;
+ $nbErrLog++ if $logLi =~ /error/i;
+ $nbWarnLog++ if $logLi =~ /warning/i;
+ push @lastShutdowns, $logLi
+ if $logLi =~ /Shutdown complete/ and $logLi !~ /Innodb/i;
+ push @lastStarts, $logLi if $logLi =~ /ready for connections/;
+ }
+ if ( $nbWarnLog > 0 ) {
+ badprint "$myvar{'log_error'} contains $nbWarnLog warning(s).";
+ push @generalrec,
+ "Control warning line(s) into $myvar{'log_error'} file";
+ }
+ else {
+ goodprint "$myvar{'log_error'} doesn't contain any warning.";
+ }
+ if ( $nbErrLog > 0 ) {
+ badprint "$myvar{'log_error'} contains $nbErrLog error(s).";
+ push @generalrec, "Control error line(s) into $myvar{'log_error'} file";
+ }
+ else {
+ goodprint "$myvar{'log_error'} doesn't contain any error.";
+ }
+
+ infoprint scalar @lastStarts . " start(s) detected in $myvar{'log_error'}";
+ my $nStart = 0;
+ my $nEnd = 10;
+ if ( scalar @lastStarts < $nEnd ) {
+ $nEnd = scalar @lastStarts;
+ }
+ for my $startd ( reverse @lastStarts[ -$nEnd .. -1 ] ) {
+ $nStart++;
+ infoprint "$nStart) $startd";
+ }
+ infoprint scalar @lastShutdowns
+ . " shutdown(s) detected in $myvar{'log_error'}";
+ $nStart = 0;
+ $nEnd = 10;
+ if ( scalar @lastShutdowns < $nEnd ) {
+ $nEnd = scalar @lastShutdowns;
+ }
+ for my $shutd ( reverse @lastShutdowns[ -$nEnd .. -1 ] ) {
+ $nStart++;
+ infoprint "$nStart) $shutd";
+ }
+
+ #exit 0;
+}
+
sub cve_recommendations {
subheaderprint "CVE Security Recommendations";
unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) {
@@ -1067,6 +1237,9 @@
return;
}
+#$mysqlvermajor=10;
+#$mysqlverminor=1;
+#$mysqlvermicro=17;
#prettyprint "Look for related CVE for $myvar{'version'} or lower in $opt{cvefile}";
my $cvefound = 0;
open( my $fh, "<", $opt{cvefile} )
@@ -1188,7 +1361,7 @@
return "Unknown OS release";
}
-sub get_fs_info() {
+sub get_fs_info {
my @sinfo = `df -P | grep '%'`;
my @iinfo = `df -Pi| grep '%'`;
shift @iinfo;
@@ -1246,7 +1419,7 @@
return \%result;
}
-sub is_virtual_machine() {
+sub is_virtual_machine {
my $isVm = `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo`;
return ( $isVm == 0 ? 0 : 1 );
}
@@ -1278,7 +1451,7 @@
return join ', ', @result;
}
-sub get_kernel_info() {
+sub get_kernel_info {
my @params = (
'fs.aio-max-nr', 'fs.aio-nr',
'fs.file-max', 'sunrpc.tcp_fin_timeout',
@@ -1294,7 +1467,7 @@
badprint
"Swappiness is > 10, please consider having a value lower than 10";
push @generalrec, "setup swappiness lower or equals to 10";
- push @adjvars, 'vm.swappiness <= 10 (echo 0 > /proc/sys/vm/swappiness)';
+ push @adjvars, 'vm.swappiness <= 10 (echo 10 > /proc/sys/vm/swappiness)';
}
else {
infoprint "Swappiness is < 10.";
@@ -1324,12 +1497,12 @@
'fs.aio-max-nr > 1M (echo 1048576 > /proc/sys/fs/aio-max-nr)';
}
else {
- infoprint "Max Number of AIO events is > 1M.";
+ infoprint "Max Number of AIO events is > 1M.";
}
}
-sub get_system_info() {
+sub get_system_info {
$result{'OS'}{'Release'} = get_os_release();
infoprint get_os_release;
if (is_virtual_machine) {
@@ -1351,6 +1524,8 @@
else {
badprint "Internet : Disconnected";
}
+ $result{'OS'}{'NbCore'} = cpu_cores;
+ infoprint "Number of Core CPU : " . cpu_cores;
$result{'OS'}{'Type'} = `uname -o`;
infoprint "Operating System Type : " . infocmd_one "uname -o";
$result{'OS'}{'Kernel'} = `uname -r`;
@@ -1366,11 +1541,11 @@
my $ext_ip = "";
if ( $httpcli =~ /curl$/ ) {
- $ext_ip = infocmd_one "$httpcli ipecho.net/plain";
+ $ext_ip = infocmd_one "$httpcli -m 3 ipecho.net/plain";
}
elsif ( $httpcli =~ /wget$/ ) {
- $ext_ip = infocmd_one "$httpcli -q -O - ipecho.net/plain";
+ $ext_ip = infocmd_one "$httpcli -t 1 -T 3 -q -O - ipecho.net/plain";
}
infoprint "External IP : " . $ext_ip;
$result{'Network'}{'External Ip'} = $ext_ip;
@@ -1505,8 +1680,14 @@
}
# Looking for Empty Password
- @mysqlstatlist = select_array
+ if ( mysql_version_ge( 5, 5 ) ) {
+ @mysqlstatlist = select_array
"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL) AND plugin NOT IN ('unix_socket', 'win_socket')";
+ }
+ else {
+ @mysqlstatlist = select_array
+"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL)";
+ }
if (@mysqlstatlist) {
foreach my $line ( sort @mysqlstatlist ) {
chomp($line);
@@ -1567,8 +1748,12 @@
my $nbins = 0;
my $passreq;
if (@passwords) {
+ my $nbInterPass = 0;
foreach my $pass (@passwords) {
+ $nbInterPass++;
+
$pass =~ s/\s//g;
+ $pass =~ s/\'/\\\'/g;
chomp($pass);
# Looking for User with user/ uppercase /capitalise weak password
@@ -1593,6 +1778,8 @@
$nbins++;
}
}
+ debugprint "$nbInterPass / " . scalar(@passwords)
+ if ( $nbInterPass % 1000 == 0 );
}
}
if ( $nbins > 0 ) {
@@ -1743,7 +1930,7 @@
}
elsif ( `uname` =~ /Darwin/ && `uname -m` =~ /x86_64/ ) {
-# Darwin gibas.local 12.3.0 Darwin Kernel Version 12.3.0: Sun Jan 6 22:37:10 PST 2013; root:xnu-2050.22.13~1/RELEASE_X86_64 x86_64
+# Darwin gibas.local 12.3.0 Darwin Kernel Version 12.3.0: Sun Jan 6 22:37:10 PST 2013; root:xnu-2050.22.13~1/RELEASE_X86_64 x86_64
$arch = 64;
goodprint "Operating on 64-bit architecture";
}
@@ -1856,7 +2043,10 @@
$result{'Engine'}{$engine}{'Index Size'} = $isize;
}
my $not_innodb = '';
- if ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) {
+ if ( not defined $result{'Variables'}{'innodb_file_per_table'} ) {
+ $not_innodb = "AND NOT ENGINE='InnoDB'";
+ }
+ elsif ( $result{'Variables'}{'innodb_file_per_table'} eq 'OFF' ) {
$not_innodb = "AND NOT ENGINE='InnoDB'";
}
$result{'Tables'}{'Fragmented tables'} =
@@ -1959,7 +2149,7 @@
$data_free = $data_free / 1024 / 1024;
$total_free += $data_free;
push( @generalrec,
- " OPTIMIZE TABLE $table_name; -- can free $data_free MB" );
+ " OPTIMIZE TABLE `$table_name`; -- can free $data_free MB" );
}
push( @generalrec,
"Total freed space after theses OPTIMIZE TABLE : $total_free Mb" );
@@ -2177,14 +2367,7 @@
if ( $mystat{'Key_write_requests'} > 0 ) {
$mycalc{'pct_wkeys_from_mem'} = sprintf(
- "%.1f",
- (
- 100 - (
- ( $mystat{'Key_writes'} / $mystat{'Key_write_requests'} ) *
- 100
- )
- )
- );
+ "%.1f",( ($mystat{'Key_writes'} / $mystat{'Key_write_requests'} ) * 100 ) );
}
else {
$mycalc{'pct_wkeys_from_mem'} = 0;
@@ -2341,7 +2524,8 @@
# InnoDB
if ( $myvar{'have_innodb'} eq "YES" ) {
$mycalc{'innodb_log_size_pct'} =
- ( $myvar{'innodb_log_file_size'} * 100 /
+ ( $myvar{'innodb_log_file_size'} *
+ $myvar{'innodb_log_files_in_group'} * 100 /
$myvar{'innodb_buffer_pool_size'} );
}
@@ -2429,7 +2613,6 @@
}
# Memory usage
-
infoprint "Physical Memory : " . hr_bytes($physical_memory);
infoprint "Max MySQL memory : " . hr_bytes( $mycalc{'max_peak_memory'} );
infoprint "Other process memory: " . hr_bytes( get_other_process_memory() );
@@ -2591,9 +2774,15 @@
}
# name resolution
- if ( not defined( $result{'Variables'}{'skip_name_resolve'} ) ) {
+ if ( defined( $result{'Variables'}{'skip_networking'} )
+ && $result{'Variables'}{'skip_networking'} eq 'ON' )
+ {
+ infoprint
+"Skipped name resolution test due to skip_networking=ON in system variables.";
+ }
+ elsif ( not defined( $result{'Variables'}{'skip_name_resolve'} ) ) {
infoprint
-"Skipped name resolution test due to missing skip_name_resolve in system variables. ?More info?";
+"Skipped name resolution test due to missing skip_name_resolve in system variables.";
}
elsif ( $result{'Variables'}{'skip_name_resolve'} eq 'OFF' ) {
badprint
@@ -2610,30 +2799,21 @@
push( @generalrec,
"Upgrade MySQL to version 4+ to utilize query caching" );
}
- elsif ( mysql_version_ge( 5, 5 ) and !mysql_version_ge( 10, 1 ) ) {
- if ( $myvar{'query_cache_type'} ne "OFF" ) {
- badprint
- "Query cache may be disabled by default due to mutex contention.";
- push( @adjvars, "query_cache_type (=0)" );
- }
- else {
- goodprint
+ elsif ( $myvar{'query_cache_size'} < 1
+ and $myvar{'query_cache_type'} eq "OFF" )
+ {
+ goodprint
"Query cache is disabled by default due to mutex contention on multiprocessor machines.";
- }
- }
- elsif ( $myvar{'query_cache_size'} < 1 ) {
- badprint "Query cache is disabled";
- push( @adjvars, "query_cache_size (>= 8M)" );
- }
- elsif ( $myvar{'query_cache_type'} eq "OFF" ) {
- badprint "Query cache is disabled";
- push( @adjvars, "query_cache_type (=1)" );
}
elsif ( $mystat{'Com_select'} == 0 ) {
badprint
"Query cache cannot be analyzed - no SELECT statements executed";
}
else {
+ badprint
+ "Query cache may be disabled by default due to mutex contention.";
+ push( @adjvars, "query_cache_size (=0)" );
+ push( @adjvars, "query_cache_type (=0)" );
if ( $mycalc{'query_cache_efficiency'} < 20 ) {
badprint
"Query cache efficiency: $mycalc{'query_cache_efficiency'}% ("
@@ -2844,7 +3024,7 @@
. $myvar{'open_files_limit'}
. ") variable " );
push( @generalrec,
- "should be greater than $table_cache_var ( "
+ "should be greater than $table_cache_var ("
. $myvar{$table_cache_var}
. ")" );
}
@@ -2898,7 +3078,7 @@
&& $mystat{'Binlog_cache_use'} > 0 )
{
badprint "Binlog cache memory access: "
- . $mycalc{'pct_binlog_cache'} . "% ( "
+ . $mycalc{'pct_binlog_cache'} . "% ("
. (
$mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} )
. " Memory / "
@@ -2907,15 +3087,15 @@
push( @generalrec,
"Increase binlog_cache_size (Actual value: "
. $myvar{'binlog_cache_size'}
- . ") " );
+ . ")" );
push( @adjvars,
"binlog_cache_size ("
. hr_bytes( $myvar{'binlog_cache_size'} + 16 * 1024 * 1024 )
- . " ) " );
+ . ")" );
}
else {
goodprint "Binlog cache memory access: "
- . $mycalc{'pct_binlog_cache'} . "% ( "
+ . $mycalc{'pct_binlog_cache'} . "% ("
. (
$mystat{'Binlog_cache_use'} - $mystat{'Binlog_cache_disk_use'} )
. " Memory / "
@@ -2966,7 +3146,6 @@
}
}
else {
-
# No queries have run that would use keys
debugprint "Key buffer used: $mycalc{'pct_key_buffer_used'}% ("
. hr_num(
@@ -3026,7 +3205,6 @@
}
}
else {
-
# No queries have run that would use keys
debugprint "Key buffer size / total MyISAM indexes: "
. hr_bytes( $myvar{'key_buffer_size'} ) . "/"
@@ -3051,7 +3229,6 @@
}
}
else {
-
# No queries have run that would use keys
debugprint
"Write Key buffer hit rate: $mycalc{'pct_wkeys_from_mem'}% ("
@@ -3139,142 +3316,1681 @@
subheaderprint "Performance schema";
# Performance Schema
- unless ( defined( $myvar{'performance_schema'} )
- and $myvar{'performance_schema'} eq 'ON' )
- {
+ $myvar{'performance_schema'} = 'OFF'
+ unless defined( $myvar{'performance_schema'} );
+ unless ( $myvar{'performance_schema'} eq 'ON' ) {
infoprint "Performance schema is disabled.";
- return;
+ if ( mysql_version_ge( 5, 6 ) ) {
+ push( @generalrec,
+ "Performance should be activated for better diagnostics" );
+ push( @adjvars, "performance_schema = ON enable PFS" );
+ }
+ else {
+ push( @generalrec,
+"Performance shouldn't be activated for MySQL and MariaDB 5.5 and lower version"
+ );
+ push( @adjvars, "performance_schema = OFF disable PFS" );
+ }
}
- infoprint "Performance schema is enabled.";
+ debugprint "Performance schema is " . $myvar{'performance_schema'};
infoprint "Memory used by P_S: " . hr_bytes( get_pf_memory() );
- if ( grep /^sys$/, select_array("SHOW DATABASES") ) {
- infoprint "Sys schema is installed.";
- }
- else {
+ unless ( grep /^sys$/, select_array("SHOW DATABASES") ) {
infoprint "Sys schema isn't installed.";
+ push( @generalrec,
+"Consider installing Sys schema from https://github.com/mysql/mysql-sys"
+ );
return;
}
+ else {
+ infoprint "Sys schema is installed.";
+ }
+ return if ( $opt{pfstat} == 0 or $myvar{'performance_schema'} ne 'ON' );
-}
+ infoprint "Sys schema Version: "
+ . select_one("select sys_version from sys.version");
-# Recommendations for Ariadb
-sub mariadb_ariadb {
- subheaderprint "AriaDB Metrics";
+ # Top user per connection
+ subheaderprint "Performance schema: Top 5 user per connection";
+ my $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, total_connections from sys.user_summary order by total_connections desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery conn(s)";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- # AriaDB
- unless ( defined $myvar{'have_aria'}
- and $myvar{'have_aria'} eq "YES" )
+ # Top user per statement
+ subheaderprint "Performance schema: Top 5 user per statement";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, statements from sys.user_summary order by statements desc LIMIT 5'
+ )
+ )
{
- infoprint "AriaDB is disabled.";
- return;
+ infoprint " +-- $nbL: $lQuery stmt(s)";
+ $nbL++;
}
- infoprint "AriaDB is enabled.";
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- # Aria pagecache
- if ( !defined( $mycalc{'total_aria_indexes'} ) and $doremote == 1 ) {
- push( @generalrec,
- "Unable to calculate Aria indexes on remote MySQL server < 5.0.0" );
+ # Top user per statement latency
+ subheaderprint "Performance schema: Top 5 user per statement latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, statement_avg_latency from sys.user_summary order by statement_avg_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
}
- elsif ( $mycalc{'total_aria_indexes'} =~ /^fail$/ ) {
- badprint
- "Cannot calculate Aria index size - re-run script as root user";
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top user per lock latency
+ subheaderprint "Performance schema: Top 5 user per lock latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, lock_latency from sys.user_summary_by_statement_latency order by lock_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
}
- elsif ( $mycalc{'total_aria_indexes'} == "0" ) {
- badprint
- "None of your Aria tables are indexed - add indexes immediately";
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top user per full scans
+ subheaderprint "Performance schema: Top 5 user per nb full scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, full_scans from sys.user_summary_by_statement_latency order by full_scans desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
}
- else {
- if (
- $myvar{'aria_pagecache_buffer_size'} < $mycalc{'total_aria_indexes'}
- && $mycalc{'pct_aria_keys_from_mem'} < 95 )
- {
- badprint "Aria pagecache size / total Aria indexes: "
- . hr_bytes( $myvar{'aria_pagecache_buffer_size'} ) . "/"
- . hr_bytes( $mycalc{'total_aria_indexes'} ) . "";
- push( @adjvars,
- "aria_pagecache_buffer_size (> "
- . hr_bytes( $mycalc{'total_aria_indexes'} )
- . ")" );
- }
- else {
- goodprint "Aria pagecache size / total Aria indexes: "
- . hr_bytes( $myvar{'aria_pagecache_buffer_size'} ) . "/"
- . hr_bytes( $mycalc{'total_aria_indexes'} ) . "";
- }
- if ( $mystat{'Aria_pagecache_read_requests'} > 0 ) {
- if ( $mycalc{'pct_aria_keys_from_mem'} < 95 ) {
- badprint
-"Aria pagecache hit rate: $mycalc{'pct_aria_keys_from_mem'}% ("
- . hr_num( $mystat{'Aria_pagecache_read_requests'} )
- . " cached / "
- . hr_num( $mystat{'Aria_pagecache_reads'} )
- . " reads)";
- }
- else {
- goodprint
-"Aria pagecache hit rate: $mycalc{'pct_aria_keys_from_mem'}% ("
- . hr_num( $mystat{'Aria_pagecache_read_requests'} )
- . " cached / "
- . hr_num( $mystat{'Aria_pagecache_reads'} )
- . " reads)";
- }
- }
- else {
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- # No queries have run that would use keys
- }
+ # Top user per row_sent
+ subheaderprint "Performance schema: Top 5 user per rows sent";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, rows_sent from sys.user_summary_by_statement_latency order by rows_sent desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
}
-}
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
-# Recommendations for TokuDB
-sub mariadb_tokudb {
- subheaderprint "TokuDB Metrics";
+ # Top user per row modified
+ subheaderprint "Performance schema: Top 5 user per rows modified";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, rows_affected from sys.user_summary_by_statement_latency order by rows_affected desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- # AriaDB
- unless ( defined $myvar{'have_tokudb'}
- && $myvar{'have_tokudb'} eq "YES" )
+ # Top user per io
+ subheaderprint "Performance schema: Top 5 user per io";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, file_ios from sys.user_summary order by file_ios desc LIMIT 5'
+ )
+ )
{
- infoprint "TokuDB is disabled.";
- return;
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
}
- infoprint "TokuDB is enabled.";
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- # All is to done here
-}
+ # Top user per io latency
+ subheaderprint "Performance schema: Top 5 user per io latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select user, file_io_latency from sys.user_summary order by file_io_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
-# Perl trim function to remove whitespace from the start and end of the string
-sub trim {
- my $string = shift;
- $string =~ s/^\s+//;
- $string =~ s/\s+$//;
- return $string;
-}
+ # Top host per connection
+ subheaderprint "Performance schema: Top 5 host per connection";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, total_connections from sys.host_summary order by total_connections desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery conn(s)";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
-sub get_wsrep_options {
- return () unless defined $myvar{'wsrep_provider_options'};
+ # Top host per statement
+ subheaderprint "Performance schema: Top 5 host per statement";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, statements from sys.host_summary order by statements desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery stmt(s)";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- my @galera_options = split /;/, $myvar{'wsrep_provider_options'};
- @galera_options = remove_cr @galera_options;
- @galera_options = remove_empty @galera_options;
- debugprint Dumper( \@galera_options );
- return @galera_options;
-}
+ # Top host per statement latency
+ subheaderprint "Performance schema: Top 5 host per statement latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, statement_avg_latency from sys.host_summary order by statement_avg_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
-sub get_gcache_memory {
- my $gCacheMem = get_wsrep_option('gcache.mem_size');
+ # Top host per lock latency
+ subheaderprint "Performance schema: Top 5 host per lock latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, lock_latency from sys.host_summary_by_statement_latency order by lock_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
- return 0 unless defined $gCacheMem and $gCacheMem ne '';
- return $gCacheMem;
-}
+ # Top host per full scans
+ subheaderprint "Performance schema: Top 5 host per nb full scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, full_scans from sys.host_summary_by_statement_latency order by full_scans desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
-sub get_wsrep_option {
- my $key = shift;
- return '' unless defined $myvar{'wsrep_provider_options'};
- my @galera_options = get_wsrep_options;
- return '' unless scalar(@galera_options) > 0;
+ # Top host per rows sent
+ subheaderprint "Performance schema: Top 5 host per rows sent";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, rows_sent from sys.host_summary_by_statement_latency order by rows_sent desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top host per rows modified
+ subheaderprint "Performance schema: Top 5 host per rows modified";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, rows_affected from sys.host_summary_by_statement_latency order by rows_affected desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top host per io
+ subheaderprint "Performance schema: Top 5 host per io";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, file_ios from sys.host_summary order by file_ios desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top 5 host per io latency
+ subheaderprint "Performance schema: Top 5 host per io latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, file_io_latency from sys.host_summary order by file_io_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top IO type order by total io
+ subheaderprint "Performance schema: Top IO type order by total io";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select substring(event_name,14), SUM(total)AS total from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total DESC;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery i/o";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top IO type order by total latency
+ subheaderprint "Performance schema: Top IO type order by total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select substring(event_name,14), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY total_latency DESC;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top IO type order by max latency
+ subheaderprint "Performance schema: Top IO type order by max latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select substring(event_name,14), MAX(max_latency) as max_latency from sys.host_summary_by_file_io_type GROUP BY substring(event_name,14) ORDER BY max_latency DESC;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top Stages order by total io
+ subheaderprint "Performance schema: Top Stages order by total io";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select substring(event_name,7), SUM(total)AS total from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total DESC;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery i/o";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top Stages order by total latency
+ subheaderprint "Performance schema: Top Stages order by total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select substring(event_name,7), format_time(ROUND(SUM(total_latency),1)) AS total_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY total_latency DESC;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top Stages order by avg latency
+ subheaderprint "Performance schema: Top Stages order by avg latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select substring(event_name,7), MAX(avg_latency) as avg_latency from sys.host_summary_by_stages GROUP BY substring(event_name,7) ORDER BY avg_latency DESC;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top host per table scans
+ subheaderprint "Performance schema: Top 5 host per table scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select host, table_scans from sys.host_summary order by table_scans desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # InnoDB Buffer Pool by schema
+ subheaderprint "Performance schema: InnoDB Buffer Pool by schema";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select object_schema, allocated, data, pages from sys.innodb_buffer_stats_by_schema ORDER BY pages DESC'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery page(s)";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # InnoDB Buffer Pool by table
+ subheaderprint "Performance schema: InnoDB Buffer Pool by table";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"select CONCAT(object_schema,CONCAT('.', object_name)), allocated,data, pages from sys.innodb_buffer_stats_by_table ORDER BY pages DESC"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery page(s)";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Process per allocated memory
+ subheaderprint "Performance schema: Process per allocated memory";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"select concat(user,concat('/', IFNULL(Command,'NONE'))) AS PROC, current_memory from sys.processlist ORDER BY current_memory DESC;"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # InnoDB Lock Waits
+ subheaderprint "Performance schema: InnoDB Lock Waits";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"use sys;select wait_age_secs, locked_table, locked_type, waiting_query from innodb_lock_waits order by wait_age_secs DESC;"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Threads IO Latency
+ subheaderprint "Performance schema: Thread IO Latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"use sys;select user, total_latency, max_latency from io_by_thread_by_latency order by total_latency;"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # High Cost SQL statements
+ subheaderprint "Performance schema: Top 5 Most latency statements";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select query, avg_latency from sys.statement_analysis order by avg_latency desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top 5% slower queries
+ subheaderprint "Performance schema: Top 5 slower queries";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select query, exec_count from sys.statements_with_runtimes_in_95th_percentile order by exec_count desc LIMIT 5'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery s";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top 10 nb statement type
+ subheaderprint "Performance schema: Top 10 nb statement type";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select statement, sum(total) as total from host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top statement by total latency
+ subheaderprint "Performance schema: Top statement by total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select statement, sum(total_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top statement by lock latency
+ subheaderprint "Performance schema: Top statement by lock latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select statement, sum(lock_latency) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top statement by full scans
+ subheaderprint "Performance schema: Top statement by full scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select statement, sum(full_scans) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top statement by rows sent
+ subheaderprint "Performance schema: Top statement by rows sent";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select statement, sum(rows_sent) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Top statement by rows modified
+ subheaderprint "Performance schema: Top statement by rows modified";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select statement, sum(rows_affected) as total from sys.host_summary_by_statement_type group by statement order by total desc LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Use temporary tables
+ subheaderprint "Performance schema: Some queries using temp table";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+ 'use sys;select query from sys.statements_with_temp_tables LIMIT 20'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Unused Indexes
+ subheaderprint "Performance schema: Unused indexes";
+ $nbL = 1;
+ for my $lQuery ( select_array('select * from sys.schema_unused_indexes') ) {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Full table scans
+ subheaderprint "Performance schema: Tables with full table scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select * from sys.schema_tables_with_full_table_scans order by rows_full_scanned DESC'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Latest file IO by latency
+ subheaderprint "Performance schema: Latest FILE IO by latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select thread, file, latency, operation from latest_file_io ORDER BY latency LIMIT 10;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # FILE by IO read bytes
+ subheaderprint "Performance schema: FILE by IO read bytes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"use sys;(select file, total_read from io_global_by_file_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select file, total_read from io_global_by_file_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # FILE by IO written bytes
+ subheaderprint "Performance schema: FILE by IO written bytes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"use sys;(select file, total_written from io_global_by_file_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select file, total_written from io_global_by_file_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # file per IO total latency
+ subheaderprint "Performance schema: file per IO total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select file, total_latency from io_global_by_file_by_latency ORDER BY total_latency DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # file per IO read latency
+ subheaderprint "Performance schema: file per IO read latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select file, read_latency from io_global_by_file_by_latency ORDER BY read_latency DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # file per IO write latency
+ subheaderprint "Performance schema: file per IO write latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select file, write_latency from io_global_by_file_by_latency ORDER BY write_latency DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Event Wait by read bytes
+ subheaderprint "Performance schema: Event Wait by read bytes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"use sys;(select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%MiB' order by total_read DESC) UNION (select event_name, total_read from io_global_by_wait_by_bytes where total_read like '%KiB' order by total_read DESC LIMIT 15);"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Event Wait by write bytes
+ subheaderprint "Performance schema: Event Wait written bytes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+"use sys;(select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%MiB' order by total_written DESC) UNION (select event_name, total_written from io_global_by_wait_by_bytes where total_written like '%KiB' order by total_written DESC LIMIT 15);"
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # event per wait total latency
+ subheaderprint "Performance schema: event per wait total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select event_name, total_latency from io_global_by_wait_by_latency ORDER BY total_latency DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # event per wait read latency
+ subheaderprint "Performance schema: event per wait read latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select event_name, read_latency from io_global_by_wait_by_latency ORDER BY read_latency DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # event per wait write latency
+ subheaderprint "Performance schema: event per wait write latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select event_name, write_latency from io_global_by_wait_by_latency ORDER BY write_latency DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ #schema_index_statistics
+ # TOP 15 most read index
+ subheaderprint "Performance schema: TOP 15 most read indexes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name,index_name, rows_selected from schema_index_statistics ORDER BY ROWs_selected DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 most used index
+ subheaderprint "Performance schema: TOP 15 most modified indexes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name,index_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_index_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high read latency index
+ subheaderprint "Performance schema: TOP 15 high read latency index";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name,index_name, select_latency from schema_index_statistics ORDER BY select_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high insert latency index
+ subheaderprint "Performance schema: TOP 15 most modified indexes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name,index_name, insert_latency from schema_index_statistics ORDER BY insert_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high update latency index
+ subheaderprint "Performance schema: TOP 15 high update latency index";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name,index_name, update_latency from schema_index_statistics ORDER BY update_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high delete latency index
+ subheaderprint "Performance schema: TOP 15 high delete latency index";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name,index_name, delete_latency from schema_index_statistics ORDER BY delete_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 most read tables
+ subheaderprint "Performance schema: TOP 15 most read tables";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name, rows_fetched from schema_table_statistics ORDER BY ROWs_fetched DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 most used tables
+ subheaderprint "Performance schema: TOP 15 most modified tables";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name, rows_inserted+rows_updated+rows_deleted AS changes from schema_table_statistics ORDER BY rows_inserted+rows_updated+rows_deleted DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high read latency tables
+ subheaderprint "Performance schema: TOP 15 high read latency tables";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name, fetch_latency from schema_table_statistics ORDER BY fetch_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high insert latency tables
+ subheaderprint "Performance schema: TOP 15 high insert latency tables";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name, insert_latency from schema_table_statistics ORDER BY insert_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high update latency tables
+ subheaderprint "Performance schema: TOP 15 high update latency tables";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name, update_latency from schema_table_statistics ORDER BY update_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # TOP 15 high delete latency tables
+ subheaderprint "Performance schema: TOP 15 high delete latency tables";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select table_schema, table_name, delete_latency from schema_table_statistics ORDER BY delete_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ # Redundant indexes
+ subheaderprint "Performance schema: Redundant indexes";
+ $nbL = 1;
+ for my $lQuery (
+ select_array('use sys;select * from schema_redundant_indexes;') )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Tables not using InnoDB buffer";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Table not using InnoDB buffer";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+ subheaderprint "Performance schema: Table not using InnoDB buffer";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+' Select table_schema, table_name from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NULL;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Top 15 Tables using InnoDB buffer";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select table_schema,table_name,innodb_buffer_allocated from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_allocated DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Top 15 Tables with InnoDB buffer free";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select table_schema,table_name,innodb_buffer_free from sys.schema_table_statistics_with_buffer where innodb_buffer_allocated IS NOT NULL ORDER BY innodb_buffer_free DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Top 15 Most executed queries";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, exec_count from sys.statement_analysis order by exec_count DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: Latest SQL queries in errors or warnings";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select query, last_seen from sys.statements_with_errors_or_warnings ORDER BY last_seen LIMIT 100;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Top 20 queries with full table scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, exec_count from sys.statements_with_full_table_scans order BY exec_count DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Last 50 queries with full table scans";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, last_seen from sys.statements_with_full_table_scans order BY last_seen DESC LIMIT 50;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 reader queries (95% percentile)";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query , rows_sent from statements_with_runtimes_in_95th_percentile ORDER BY ROWs_sent DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: TOP 15 most row look queries (95% percentile)";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, rows_examined AS search from statements_with_runtimes_in_95th_percentile ORDER BY rows_examined DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: TOP 15 total latency queries (95% percentile)";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, total_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY total_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: TOP 15 max latency queries (95% percentile)";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, max_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY max_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: TOP 15 average latency queries (95% percentile)";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, avg_latency AS search from statements_with_runtimes_in_95th_percentile ORDER BY avg_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Top 20 queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, exec_count from sys.statements_with_sorting order BY exec_count DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Last 50 queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, last_seen from sys.statements_with_sorting order BY last_seen DESC LIMIT 50;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 row sorting queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query , rows_sorted from statements_with_sorting ORDER BY ROWs_sorted DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 total latency queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, total_latency AS search from statements_with_sorting ORDER BY total_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 merge queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, sort_merge_passes AS search from statements_with_sorting ORDER BY sort_merge_passes DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: TOP 15 average sort merges queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, avg_sort_merges AS search from statements_with_sorting ORDER BY avg_sort_merges DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 scans queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, sorts_using_scans AS search from statements_with_sorting ORDER BY sorts_using_scans DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 range queries with sort";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, sort_using_range AS search from statements_with_sorting ORDER BY sort_using_range DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+##################################################################################
+
+ #statements_with_temp_tables
+
+#mysql> desc statements_with_temp_tables;
+#+--------------------------+---------------------+------+-----+---------------------+-------+
+#| Field | Type | Null | Key | Default | Extra |
+#+--------------------------+---------------------+------+-----+---------------------+-------+
+#| query | longtext | YES | | NULL | |
+#| db | varchar(64) | YES | | NULL | |
+#| exec_count | bigint(20) unsigned | NO | | NULL | |
+#| total_latency | text | YES | | NULL | |
+#| memory_tmp_tables | bigint(20) unsigned | NO | | NULL | |
+#| disk_tmp_tables | bigint(20) unsigned | NO | | NULL | |
+#| avg_tmp_tables_per_query | decimal(21,0) | NO | | 0 | |
+#| tmp_tables_to_disk_pct | decimal(24,0) | NO | | 0 | |
+#| first_seen | timestamp | NO | | 0000-00-00 00:00:00 | |
+#| last_seen | timestamp | NO | | 0000-00-00 00:00:00 | |
+#| digest | varchar(32) | YES | | NULL | |
+#+--------------------------+---------------------+------+-----+---------------------+-------+
+#11 rows in set (0,01 sec)#
+#
+ subheaderprint "Performance schema: Top 20 queries with temp table";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, exec_count from sys.statements_with_temp_tables order BY exec_count DESC LIMIT 20;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: Last 50 queries with temp table";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'select db, query, last_seen from sys.statements_with_temp_tables order BY last_seen DESC LIMIT 50;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint
+ "Performance schema: TOP 15 total latency queries with temp table";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, total_latency AS search from statements_with_temp_tables ORDER BY total_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 queries with temp table to disk";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select db, query, disk_tmp_tables from statements_with_temp_tables ORDER BY disk_tmp_tables DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+##################################################################################
+ #wait_classes_global_by_latency
+
+#ysql> select * from wait_classes_global_by_latency;
+#-----------------+-------+---------------+-------------+-------------+-------------+
+# event_class | total | total_latency | min_latency | avg_latency | max_latency |
+#-----------------+-------+---------------+-------------+-------------+-------------+
+# wait/io/file | 15381 | 1.23 s | 0 ps | 80.12 us | 230.64 ms |
+# wait/io/table | 59 | 7.57 ms | 5.45 us | 128.24 us | 3.95 ms |
+# wait/lock/table | 69 | 3.22 ms | 658.84 ns | 46.64 us | 1.10 ms |
+#-----------------+-------+---------------+-------------+-------------+-------------+
+# rows in set (0,00 sec)
+
+ subheaderprint "Performance schema: TOP 15 class events by number";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select event_class, total from wait_classes_global_by_latency ORDER BY total DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 30 events by number";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select events, total from waits_global_by_latency ORDER BY total DESC LIMIT 30;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 class events by total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select event_class, total_latency from wait_classes_global_by_latency ORDER BY total_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 30 events by total latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select events, total_latency from waits_global_by_latency ORDER BY total_latency DESC LIMIT 30;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 15 class events by max latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select event_class, max_latency from wait_classes_global_by_latency ORDER BY max_latency DESC LIMIT 15;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+ subheaderprint "Performance schema: TOP 30 events by max latency";
+ $nbL = 1;
+ for my $lQuery (
+ select_array(
+'use sys;select events, max_latency from waits_global_by_latency ORDER BY max_latency DESC LIMIT 30;'
+ )
+ )
+ {
+ infoprint " +-- $nbL: $lQuery";
+ $nbL++;
+ }
+ infoprint "No information found or indicators desactivated."
+ if ( $nbL == 1 );
+
+}
+
+# Recommendations for Ariadb
+sub mariadb_ariadb {
+ subheaderprint "AriaDB Metrics";
+
+ # AriaDB
+ unless ( defined $myvar{'have_aria'}
+ and $myvar{'have_aria'} eq "YES" )
+ {
+ infoprint "AriaDB is disabled.";
+ return;
+ }
+ infoprint "AriaDB is enabled.";
+
+ # Aria pagecache
+ if ( !defined( $mycalc{'total_aria_indexes'} ) and $doremote == 1 ) {
+ push( @generalrec,
+ "Unable to calculate Aria indexes on remote MySQL server < 5.0.0" );
+ }
+ elsif ( $mycalc{'total_aria_indexes'} =~ /^fail$/ ) {
+ badprint
+ "Cannot calculate Aria index size - re-run script as root user";
+ }
+ elsif ( $mycalc{'total_aria_indexes'} == "0" ) {
+ badprint
+ "None of your Aria tables are indexed - add indexes immediately";
+ }
+ else {
+ if (
+ $myvar{'aria_pagecache_buffer_size'} < $mycalc{'total_aria_indexes'}
+ && $mycalc{'pct_aria_keys_from_mem'} < 95 )
+ {
+ badprint "Aria pagecache size / total Aria indexes: "
+ . hr_bytes( $myvar{'aria_pagecache_buffer_size'} ) . "/"
+ . hr_bytes( $mycalc{'total_aria_indexes'} ) . "";
+ push( @adjvars,
+ "aria_pagecache_buffer_size (> "
+ . hr_bytes( $mycalc{'total_aria_indexes'} )
+ . ")" );
+ }
+ else {
+ goodprint "Aria pagecache size / total Aria indexes: "
+ . hr_bytes( $myvar{'aria_pagecache_buffer_size'} ) . "/"
+ . hr_bytes( $mycalc{'total_aria_indexes'} ) . "";
+ }
+ if ( $mystat{'Aria_pagecache_read_requests'} > 0 ) {
+ if ( $mycalc{'pct_aria_keys_from_mem'} < 95 ) {
+ badprint
+"Aria pagecache hit rate: $mycalc{'pct_aria_keys_from_mem'}% ("
+ . hr_num( $mystat{'Aria_pagecache_read_requests'} )
+ . " cached / "
+ . hr_num( $mystat{'Aria_pagecache_reads'} )
+ . " reads)";
+ }
+ else {
+ goodprint
+"Aria pagecache hit rate: $mycalc{'pct_aria_keys_from_mem'}% ("
+ . hr_num( $mystat{'Aria_pagecache_read_requests'} )
+ . " cached / "
+ . hr_num( $mystat{'Aria_pagecache_reads'} )
+ . " reads)";
+ }
+ }
+ else {
+
+ # No queries have run that would use keys
+ }
+ }
+}
+
+# Recommendations for TokuDB
+sub mariadb_tokudb {
+ subheaderprint "TokuDB Metrics";
+
+ # AriaDB
+ unless ( defined $myvar{'have_tokudb'}
+ && $myvar{'have_tokudb'} eq "YES" )
+ {
+ infoprint "TokuDB is disabled.";
+ return;
+ }
+ infoprint "TokuDB is enabled.";
+
+ # All is to done here
+}
+
+# Recommendations for XtraDB
+sub mariadb_xtradb {
+ subheaderprint "XtraDB Metrics";
+
+ # XtraDB
+ unless ( defined $myvar{'have_xtradb'}
+ && $myvar{'have_xtradb'} eq "YES" )
+ {
+ infoprint "XtraDB is disabled.";
+ return;
+ }
+ infoprint "XtraDB is enabled.";
+
+ # All is to done here
+}
+
+# Recommendations for RocksDB
+sub mariadb_rockdb {
+ subheaderprint "RocksDB Metrics";
+
+ # RocksDB
+ unless ( defined $myvar{'have_rocksdb'}
+ && $myvar{'have_rocksdb'} eq "YES" )
+ {
+ infoprint "RocksDB is disabled.";
+ return;
+ }
+ infoprint "RocksDB is enabled.";
+
+ # All is to done here
+}
+
+# Recommendations for Spider
+sub mariadb_spider {
+ subheaderprint "Spider Metrics";
+
+ # Spider
+ unless ( defined $myvar{'have_spider'}
+ && $myvar{'have_spider'} eq "YES" )
+ {
+ infoprint "Spider is disabled.";
+ return;
+ }
+ infoprint "Spider is enabled.";
+
+ # All is to done here
+}
+
+# Recommendations for Connect
+sub mariadb_connect {
+ subheaderprint "Connect Metrics";
+
+ # Connect
+ unless ( defined $myvar{'have_connect'}
+ && $myvar{'have_connect'} eq "YES" )
+ {
+ infoprint "Connect is disabled.";
+ return;
+ }
+ infoprint "TokuDB is enabled.";
+
+ # All is to done here
+}
+
+# Perl trim function to remove whitespace from the start and end of the string
+sub trim {
+ my $string = shift;
+ $string =~ s/^\s+//;
+ $string =~ s/\s+$//;
+ return $string;
+}
+
+sub get_wsrep_options {
+ return () unless defined $myvar{'wsrep_provider_options'};
+
+ my @galera_options = split /;/, $myvar{'wsrep_provider_options'};
+ @galera_options = remove_cr @galera_options;
+ @galera_options = remove_empty @galera_options;
+ debugprint Dumper( \@galera_options );
+ return @galera_options;
+}
+
+sub get_gcache_memory {
+ my $gCacheMem = hr_raw( get_wsrep_option('gcache.size') );
+
+ return 0 unless defined $gCacheMem and $gCacheMem ne '';
+ return $gCacheMem;
+}
+
+sub get_wsrep_option {
+ my $key = shift;
+ return '' unless defined $myvar{'wsrep_provider_options'};
+ my @galera_options = get_wsrep_options;
+ return '' unless scalar(@galera_options) > 0;
my @memValues = grep /\s*$key =/, @galera_options;
my $memValue = $memValues[0];
+ return 0 unless defined $memValue;
$memValue =~ s/.*=\s*(.+)$/$1/g;
return $memValue;
}
@@ -3323,43 +5039,95 @@
having sum(if(c.column_key in ('PRI','UNI'), 1,0)) = 0"
);
+ if ( get_wsrep_option('wsrep_slave_threads') > cpu_cores * 4
+ or get_wsrep_option('wsrep_slave_threads') < cpu_cores * 3 )
+ {
+ badprint
+ "wsrep_slave_threads is not equal to 2, 3 or 4 times number of CPU(s)";
+ push @adjvars, "wsrep_slave_threads= Nb of Core CPU * 4";
+ }
+ else {
+ goodprint
+ "wsrep_slave_threads is equal to 2, 3 or 4 times number of CPU(s)";
+ }
+
+ if ( get_wsrep_option('gcs.limit') !=
+ get_wsrep_option('wsrep_slave_threads') * 5 )
+ {
+ badprint "gcs.limit should be equal to 5 * wsrep_slave_threads";
+ push @adjvars, "gcs.limit= wsrep_slave_threads * 5";
+ } else {
+ goodprint "gcs.limit should be equal to 5 * wsrep_slave_threads";
+ }
+
+ if (get_wsrep_option('wsrep_slave_threads') > 1) {
+ infoprint "wsrep parallel slave can cause frequent inconsistency crash.";
+ push @adjvars, "Set wsrep_slave_threads to 1 in case of HA_ERR_FOUND_DUPP_KEY crash on slave";
+ # check options for parallel slave
+ if (get_wsrep_option('wsrep_slave_FK_checks') eq "OFF") {
+ badprint "wsrep_slave_FK_checks is off with parallel slave";
+ push @adjvars, "wsrep_slave_FK_checks should be ON when using parallel slave";
+ }
+ # wsrep_slave_UK_checks seems useless in MySQL source code
+ if ($myvar{'innodb_autoinc_lock_mode'} != 2) {
+ badprint "innodb_autoinc_lock_mode is incorrect with parallel slave";
+ push @adjvars, "innodb_autoinc_lock_mode should be 2 when using parallel slave";
+ }
+ }
+
+ if (get_wsrep_option('gcs.fc_limit') != $myvar{'wsrep_slave_threads'} * 5 ) {
+ badprint "gcs.fc_limit should be equal to 5 * wsrep_slave_threads";
+ push @adjvars, "gcs.fc_limit= wsrep_slave_threads * 5";
+ } else {
+ goodprint "gcs.fc_limit is equal to 5 * wsrep_slave_threads";
+ }
+
+ if (get_wsrep_option('gcs.fc_factor') != 0.8 ) {
+ badprint "gcs.fc_factor should be equal to 0.8";
+ push @adjvars, "gcs.fc_factor=0.8";
+ }
+ else {
+ goodprint "gcs.fc_factor is equal to 0.8";
+ }
+ if ( get_wsrep_option('wsrep_flow_control_paused') > 0.02 ) {
+ badprint "Fraction of time node pause flow control > 0.02";
+ } else {
+ goodprint "Flow control fraction seems to be OK (wsrep_flow_control_paused<=0.02)";
+ }
+
if ( scalar(@primaryKeysNbTables) > 0 ) {
badprint "Following table(s) don't have primary key:";
foreach my $badtable (@primaryKeysNbTables) {
badprint "\t$badtable";
push @{ $result{'Tables without PK'} }, $badtable;
}
- }
- else {
+ } else {
goodprint "All tables get a primary key";
}
- my @nonInnoDbTables = select_array(
-"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDb' and table_schema not in ('mysql', 'performance_schema', 'information_schema')"
+ my @nonInnoDBTables = select_array(
+"select CONCAT(table_schema,CONCAT('.', table_name)) from information_schema.tables where ENGINE <> 'InnoDB' and table_schema not in ('mysql', 'performance_schema', 'information_schema')"
);
- if ( scalar(@nonInnoDbTables) > 0 ) {
+ if ( scalar(@nonInnoDBTables) > 0 ) {
badprint "Following table(s) are not InnoDB table:";
push @generalrec,
"Ensure that all table(s) are InnoDB tables for Galera replication";
- foreach my $badtable (@nonInnoDbTables) {
+ foreach my $badtable (@nonInnoDBTables) {
badprint "\t$badtable";
}
- }
- else {
+ } else {
goodprint "All tables are InnoDB tables";
}
if ( $myvar{'binlog_format'} ne 'ROW' ) {
badprint "Binlog format should be in ROW mode.";
push @adjvars, "binlog_format = ROW";
- }
- else {
+ } else {
goodprint "Binlog format is in ROW mode.";
}
if ( $myvar{'innodb_flush_log_at_trx_commit'} != 0 ) {
- badprint "Innodb flush log at each commit should be disabled.";
+ badprint "InnoDB flush log at each commit should be disabled.";
push @adjvars, "innodb_flush_log_at_trx_commit = 0";
- }
- else {
- goodprint "Innodb flush log at each commit is disabled for Galera.";
+ } else {
+ goodprint "InnoDB flush log at each commit is disabled for Galera.";
}
infoprint "Read consistency mode :" . $myvar{'wsrep_causal_reads'};
@@ -3383,6 +5151,7 @@
else {
badprint
"There are $nbNodesSize nodes in wsrep_cluster_size. Prefer 3 or 5 nodes architecture.";
+ push @generalrec, "Prefer 3 or 5 nodes architecture.";
}
# wsrep_cluster_address doesn't include garbd nodes
@@ -3555,9 +5324,24 @@
infoprint " +-- InnoDB Additional Mem Pool: "
. hr_bytes( $myvar{'innodb_additional_mem_pool_size'} ) . "";
}
+ if ( defined $myvar{'innodb_log_file_size'} ) {
+ infoprint " +-- InnoDB Log File Size: "
+ . hr_bytes( $myvar{'innodb_log_file_size'} ) . "("
+ . $mycalc{'innodb_log_size_pct'}
+ . " % of buffer pool)";
+ }
+ if ( defined $myvar{'innodb_log_files_in_group'} ) {
+ infoprint " +-- InnoDB Log File In Group: "
+ . $myvar{'innodb_log_files_in_group'};
+ }
+ if ( defined $myvar{'innodb_log_files_in_group'} ) {
+ infoprint " +-- InnoDB Total Log File Size: "
+ . hr_bytes( $myvar{'innodb_log_files_in_group'} *
+ $myvar{'innodb_log_file_size'} );
+ }
if ( defined $myvar{'innodb_log_buffer_size'} ) {
infoprint " +-- InnoDB Log Buffer: "
- . hr_bytes( $myvar{'innodb_log_buffer_size'} ) . "";
+ . hr_bytes( $myvar{'innodb_log_buffer_size'} );
}
if ( defined $mystat{'Innodb_buffer_pool_pages_free'} ) {
infoprint " +-- InnoDB Log Buffer Free: "
@@ -3568,6 +5352,19 @@
. hr_bytes( $mystat{'Innodb_buffer_pool_pages_total'} ) . "";
}
}
+ if ( defined $myvar{'innodb_thread_concurrency'} ) {
+ infoprint "InnoDB Thread Concurrency: "
+ . $myvar{'innodb_thread_concurrency'};
+ }
+
+ # InnoDB Buffer Pull Size
+ if ( $myvar{'innodb_file_per_table'} eq "ON" ) {
+ goodprint "InnoDB File per table is activated";
+ }
+ else {
+ badprint "InnoDB File per table is not activated";
+ push( @adjvars, "innodb_file_per_table=ON" );
+ }
# InnoDB Buffer Pull Size
if ( $myvar{'innodb_buffer_pool_size'} > $enginestats{'InnoDB'} ) {
@@ -3584,6 +5381,32 @@
. hr_bytes_rnd( $enginestats{'InnoDB'} )
. ") if possible." );
}
+ if ( $mycalc{'innodb_log_size_pct'} < 20
+ or $mycalc{'innodb_log_size_pct'} > 30 )
+ {
+ badprint "Ratio InnoDB log file size / InnoDB Buffer pool size ("
+ . $mycalc{'innodb_log_size_pct'} . " %): "
+ . hr_bytes( $myvar{'innodb_log_file_size'} ) . " * "
+ . $myvar{'innodb_log_files_in_group'} . "/"
+ . hr_bytes( $myvar{'innodb_buffer_pool_size'} )
+ . " should be equal 25%";
+ push(
+ @adjvars,
+"innodb_log_file_size * innodb_log_files_in_group should be equal to 1/4 of buffer pool size (="
+ . hr_bytes_rnd(
+ $myvar{'innodb_buffer_pool_size'} *
+ $myvar{'innodb_log_files_in_group'} / 4
+ )
+ . ") if possible."
+ );
+ }
+ else {
+ goodprint "InnoDB log file size / InnoDB Buffer pool size: "
+ . hr_bytes( $myvar{'innodb_log_file_size'} ) . " * "
+ . $myvar{'innodb_log_files_in_group'} . "/"
+ . hr_bytes( $myvar{'innodb_buffer_pool_size'} )
+ . " should be equal 25%";
+ }
# InnoDB Buffer Pull Instances (MySQL 5.6.6+)
if ( defined( $myvar{'innodb_buffer_pool_instances'} ) ) {
@@ -3626,7 +5449,7 @@
else {
if ( $myvar{'innodb_buffer_pool_instances'} != 1 ) {
badprint
-"InnoDB buffer pool <= 1G and innodb_buffer_pool_instances(!=1).";
+"InnoDB buffer pool <= 1G and Innodb_buffer_pool_instances(!=1).";
push( @adjvars, "innodb_buffer_pool_instances (=1)" );
}
else {
@@ -3656,11 +5479,11 @@
)
{
goodprint
-"innodb_buffer_pool_size is aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances";
+"Innodb_buffer_pool_size aligned with Innodb_buffer_pool_chunk_size & Innodb_buffer_pool_instances";
}
else {
badprint
-"innodb_buffer_pool_size is not aligned with value innodb_buffer_pool_chunk_size and innodb_buffer_pool_instances";
+"Innodb_buffer_pool_size aligned with Innodb_buffer_pool_chunk_size & Innodb_buffer_pool_instances";
#push( @adjvars, "Adjust innodb_buffer_pool_instances, innodb_buffer_pool_chunk_size with innodb_buffer_pool_size" );
push( @adjvars,
@@ -3821,7 +5644,7 @@
. (
join ", ",
select_array(
-"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';"
+"SELECT DISTINCT(TABLE_COLLATION) FROM information_schema.TABLES WHERE TABLE_SCHEMA='$_';"
)
) . ")";
infoprint " +-- ROWS : "
@@ -3843,7 +5666,9 @@
)
) . ")";
badprint "Index size is larger than data size for $dbinfo[0] \n"
- if $dbinfo[2] < $dbinfo[3];
+ if ( $dbinfo[2] ne 'NULL' )
+ and ( $dbinfo[3] ne 'NULL' )
+ and ( $dbinfo[2] < $dbinfo[3] );
badprint "There are " . $dbinfo[5] . " storage engines. Be careful. \n"
if $dbinfo[5] > 1;
$result{'Databases'}{ $dbinfo[0] }{'Rows'} = $dbinfo[1];
@@ -3886,13 +5711,13 @@
}
my @distinct_column_charset = select_array(
-"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"
+"select DISTINCT(CHARACTER_SET_NAME) from information_schema.COLUMNS where CHARACTER_SET_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"
);
infoprint "Charsets for $dbinfo[0] database table column: "
. join( ', ', @distinct_column_charset );
if ( scalar(@distinct_column_charset) > 1 ) {
badprint $dbinfo[0]
- . " table column(s) has several charsets defined for all text like column(s).";
+ . " table column(s) has several charsets defined for all text like column(s).";
push( @generalrec,
"Limit charset for column to one charset if possible for "
. $dbinfo[0]
@@ -3904,13 +5729,13 @@
}
my @distinct_column_collation = select_array(
-"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"
+"select DISTINCT(COLLATION_NAME) from information_schema.COLUMNS where COLLATION_NAME IS NOT NULL AND TABLE_SCHEMA ='$_'"
);
infoprint "Collations for $dbinfo[0] database table column: "
. join( ', ', @distinct_column_collation );
if ( scalar(@distinct_column_collation) > 1 ) {
badprint $dbinfo[0]
- . " table column(s) has several collations defined for all text like column(s).";
+ . " table column(s) has several collations defined for all text like column(s).";
push( @generalrec,
"Limit collations for column to one collation if possible for "
. $dbinfo[0]
@@ -3948,7 +5773,7 @@
, s2.max_columns AS 'maxcol'
, s.CARDINALITY AS 'card'
, t.TABLE_ROWS AS 'est_rows'
- , INDEX_TYPE as type
+ , INDEX_TYPE as type
, ROUND(((s.CARDINALITY / IFNULL(t.TABLE_ROWS, 0.01)) * 100), 2) AS 'sel'
FROM INFORMATION_SCHEMA.STATISTICS s
INNER JOIN INFORMATION_SCHEMA.TABLES t
@@ -3982,7 +5807,7 @@
my @info = split /\s/;
infoprint "Index: " . $info[1] . "";
- infoprint " +-- COLUNM : " . $info[0] . "";
+ infoprint " +-- COLUMN : " . $info[0] . "";
infoprint " +-- NB SEQS : " . $info[2] . " sequence(s)";
infoprint " +-- NB COLS : " . $info[3] . " column(s)";
infoprint " +-- CARDINALITY : " . $info[4] . " distinct values";
@@ -3990,10 +5815,10 @@
infoprint " +-- TYPE : " . $info[6];
infoprint " +-- SELECTIVITY : " . $info[7] . "%";
- $result{'Indexes'}{ $info[1] }{'Colunm'} = $info[0];
+ $result{'Indexes'}{ $info[1] }{'Column'} = $info[0];
$result{'Indexes'}{ $info[1] }{'Sequence number'} = $info[2];
- $result{'Indexes'}{ $info[1] }{'Number of collunm'} = $info[3];
- $result{'Indexes'}{ $info[1] }{'Cardianality'} = $info[4];
+ $result{'Indexes'}{ $info[1] }{'Number of column'} = $info[3];
+ $result{'Indexes'}{ $info[1] }{'Cardinality'} = $info[4];
$result{'Indexes'}{ $info[1] }{'Row number'} = $info[5];
$result{'Indexes'}{ $info[1] }{'Index Type'} = $info[6];
$result{'Indexes'}{ $info[1] }{'Selectivity'} = $info[7];
@@ -4182,6 +6007,7 @@
check_architecture; # Suggest 64-bit upgrade
system_recommendations; # avoid to many service on the same host
+log_file_recommandations; # check log file content
check_storage_engines; # Show enabled storage engines
mysql_databases; # Show informations about databases
mysql_indexes; # Show informations about indexes
@@ -4192,10 +6018,14 @@
mysqsl_pfs; # Print Performance schema info
mariadb_threadpool; # Print MaraiDB ThreadPool stats
mysql_myisam; # Print MyISAM stats
-mariadb_ariadb; # Print MaraiDB AriaDB stats
mysql_innodb; # Print InnoDB stats
-mariadb_tokudb; # Print MaraiDB TokuDB stats
-mariadb_galera; # Print MaraiDB Galera Cluster stats
+mariadb_ariadb; # Print MaraiDB AriaDB stats
+mariadb_tokudb; # Print MariaDB Tokudb stats
+mariadb_xtradb; # Print MariaDB XtraDB stats
+mariadb_rockdb; # Print MariaDB RockDB stats
+mariadb_spider; # Print MariaDB Spider stats
+mariadb_connect; # Print MariaDB Connect stats
+mariadb_galera; # Print MariaDB Galera Cluster stats
get_replication_status; # Print replication info
make_recommendations; # Make recommendations based on stats
dump_result; # Dump result if debug is on
@@ -4207,14 +6037,13 @@
1;
__END__
-
=pod
=encoding UTF-8
=head1 NAME
- MySQLTuner 1.6.18 - MySQL High Performance Tuning Script
+ MySQLTuner 1.7.2 - MySQL High Performance Tuning Script
=head1 IMPORTANT USAGE GUIDELINES
@@ -4229,10 +6058,12 @@
--socket Use a different socket for a local connection
--port Port to use for connection (default: 3306)
--user Username to use for authentication
+ --userenv Name of env variable which contains username to use for authentication
--pass Password to use for authentication
+ --passenv Name of env variable which contains password to use for authentication
--mysqladmin Path to a custom mysqladmin executable
--mysqlcmd Path to a custom mysql executable
-
+ --defaults-file Path to a custom .my.cnf
=head1 PERFORMANCE AND REPORTING OPTIONS
--skipsize Don't enumerate tables and their types/sizes (default: on)
@@ -4254,9 +6085,10 @@
--dbstat Print database information
--idxstat Print index information
--sysstat Print system information
+ --pfstat Print Performance schema
--bannedports Ports banned separated by comma(,)
--maxportallowed Number of ports opened allowed on this hosts
- --cvefile CVE File for vulnerability checks
+ --cvefile CVE File for vulnerability checks
--nocolor Don't print output in color
--json Print result as JSON string
--buffers Print global and per-thread buffer values
@@ -4439,7 +6271,7 @@
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2006-2015 Major Hayden - major@mhtx.net
+Copyright (C) 2006-2017 Major Hayden - major@mhtx.net
For the latest updates, please visit http://mysqltuner.com/
diff -Nru mysqltuner-1.6.18/README.fr.md mysqltuner-1.7.2/README.fr.md
--- mysqltuner-1.6.18/README.fr.md 1970-01-01 00:00:00.000000000 +0000
+++ mysqltuner-1.7.2/README.fr.md 2017-05-17 15:38:17.000000000 +0000
@@ -0,0 +1,236 @@
+MySQLTuner-perl
+====
+[](https://travis-ci.org/major/MySQLTuner-perl)
+[](http://opensource.box.com/badges)
+[](http://opensource.box.com/badges)
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
+
+**MySQLTuner** est un script écrit en Perl qui permet d'effectuer une revue de configuration pour MySQL/MAriaDB/PerconaDB rapidement et propose des ajustements pour améliorer la performance et la stabilité du serveur. L'état des variables et statuts est analysé et présenté de manière synthétique et structurée ainsi que plusieurs suggestions basiques concernant la performance.
+
+**MySQLTuner** supporte dans a dernière version plus de ~300 indicators pour MySQL/MariaDB/Percona Server.
+
+**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration sush as , , , Linux OS metrics, , , , ...
+
+You can found more details on this indicators
+.
+
+
+
+
+MySQLTuner needs you:
+===
+
+**MySQLTuner** needs contributors for documentation, code and feedbacks..
+
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
+Compatibility:
+====
+
+* MySQL 5.7 (full support)
+* MySQL 5.6 (full support)
+* MySQL 5.5 (full support)
+* MariaDB 10.1 (full support)
+* MariaDB 10.0 (full support)
+* Percona Server 5.6 (full support)
+* Percona XtraDB cluster (full support)
+* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (partial support - deprecated version)
+* Perl 5.6 or later (with [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod) package)
+* Unix/Linux based operating system (tested on Linux, BSD variants, and Solaris variants)
+* Windows is not supported at this time (Help wanted !!!!!)
+* Unrestricted read access to the MySQL server (OS root access recommended for MySQL < 5.1)
+* CVE vulnerabilites detection support from [https://cve.mitre.org](https://cve.mitre.org)
+
+***WARNING***
+--
+It is **extremely important** for you to fully understand each change
+you make to a MySQL database server. If you don't understand portions
+of the script's output, or if you don't understand the recommendations,
+**you should consult** a knowledgeable DBA or system administrator
+that you trust. **Always** test your changes on staging environments, and
+always keep in mind that improvements in one area can **negatively affect**
+MySQL in other areas.
+
+**Seriously - please review the FAQ section below.**
+
+What MySQLTuner is checking exactly ?
+--
+All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
+
+Download/Installation
+--
+
+You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is:
+
+ wget http://mysqltuner.pl/ -O mysqltuner.pl
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
+ perl mysqltuner.pl
+
+Of course, you can add the execute bit (`chmod +x mysqltuner.pl`) so you can execute it without calling perl directly.
+
+Specific usage
+--
+
+__Usage:__ Minimal usage locally
+
+ perl mysqltuner.pl
+
+__Usage:__ Minimal usage remotely
+
+ perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
+
+__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
+
+ perl mysqltuner.pl --verbose
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
+
+
+__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
+
+ perl mysqltuner.pl --cvefile=vulnerabilities.csv
+
+__Usage:__ Write your result in a file with information displayed
+
+ perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
+
+__Usage:__ Write your result in a file **without outputting information**
+
+ perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
+
+__Usage:__ Using template model to customize your reporting file based on [Text::Template](https://metacpan.org/pod/Text::Template) syntax.
+
+ perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
+
+__Usage:__ Enable debugging information
+
+ perl mysqltuner.pl --debug
+
+FAQ
+--
+
+**Question: Will MySQLTuner fix my slow MySQL server?**
+
+**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
+
+**Question: Can I fire my DBA now?**
+
+**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call.
+
+**Question: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?**
+
+The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains:
+
+ [client]
+ user=someusername
+ pass=thatuserspassword
+
+Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
+
+**Question: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?**
+
+You could use mysql_config_editor utilities.
+
+ $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
+ Enter passord: ********
+ $
+
+At this time, ~/.mylogin.cnf has been written with appropriated rigth access.
+
+To get information about stored credentials, use the following command:
+
+ $mysql_config_editor print
+ [client]
+ user = someusername
+ password = *****
+ host = localhost
+
+**Question: What's minimum privileges needed by a specific mysqltuner user in database ?**
+
+ mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234;
+
+**Question: It's not working on my OS! What gives?!**
+
+These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly:
+
+* OS and OS version
+* Architecture (x86, x86_64, IA64, Commodore 64)
+* Exact MySQL version
+* Where you obtained your MySQL version (OS package, source, etc)
+* The full text of the error
+* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
+
+**Question: How to perform a CVE vulneralibity checks ?**
+
+* Download vulnerabilities.csv from this repository.
+* use option --cvefile to perform CVE checks
+
+**Question: How to use mysqltuner from remote host ?**
+Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
+
+* You will still have to connect like a mysql client:
+
+Connection and Authentication
+
+ --host Connect to a remote host to perform tests (default: localhost)
+ --socket Use a different socket for a local connection
+ --port Port to use for connection (default: 3306)
+ --user Username to use for authentication
+ --pass Password to use for authentication
+ --defaults-file defaulfs file for credentials
+
+Since you are using a remote host, use parameters to supply values from the OS
+
+ --forcemem Amount of RAM installed in megabytes
+ --forceswap Amount of swap memory configured in megabytes
+
+* You may have to contact your remote SysAdmin to ask how much RAM and swap you have
+
+If the database has too many tables, or very large table, use this:
+
+ --skipsize Don't enumerate tables and their types/sizes (default: on)
+ (Recommended for servers with many tables)
+
+MySQLTuner and Vagrant
+--
+**MySQLTuner** contains following Vagrant configurations:
+* Fedora Core 23 / MariaDB 10.0
+* Fedora Core 23 / MariaDB 10.1
+* Fedora Core 23 / MySQL 5.6
+* Fedora Core 23 / MySQL 5.7
+
+**Vagrant File** are stored in Vagrant subdirectory.
+* Follow this 2 steps after vagrant installation:
+* Rename VagrantFile_for_Mxxx into Vagrantfile
+* vagrant up
+
+**MySQLTuner** contains a Vagrant configurations for test purpose and development
+* Install VirtualBox and Vagrant
+ * https://www.virtualbox.org/wiki/Downloads
+ * https://www.vagrantup.com/downloads.html
+* Clone repository
+ * git clone https://github.com/major/MySQLTuner-perl.git
+* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
+ * vagrant plugin install vagrant-hostmanager
+ * vagrant plugin install vagrant-vbguest
+* Add Fedora Core 23 box for official Fedora Download Website
+ * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
+* Create a data directory
+ * mkdir data
+* Rename Vagrantfile_MariaDB10.0 into Vagrantfile
+ * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile
+* Start vagrant
+ * vagrant up
+
+MySQLTuner a besoin de vous
+--
+**MySQLTuner** a besoin de contributeurs pour la documentation, le code, des tests et des retours d'expérience.
+
+* Rejoignez-nous sur le suivi de ticket à [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Le guide de contribution en anglais est disponible ici [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Ajouter une étoile à **MySQLTuner project** ici [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
diff -Nru mysqltuner-1.6.18/README.it.md mysqltuner-1.7.2/README.it.md
--- mysqltuner-1.6.18/README.it.md 1970-01-01 00:00:00.000000000 +0000
+++ mysqltuner-1.7.2/README.it.md 2017-05-17 15:38:17.000000000 +0000
@@ -0,0 +1,238 @@
+MySQLTuner-perl
+====
+[](https://travis-ci.org/major/MySQLTuner-perl)
+[](http://opensource.box.com/badges)
+[](http://opensource.box.com/badges)
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
+
+**MySQLTuner** è uno script Perl che permette di analizzare velocemente una installazione di MySQL, nonché di apportare modifiche per migliorare le prestazioni e la stabilità. In modo coinciso sono riportati lo stato attuale delle variabili di configurazione e i dati sullo stato del sistema, corredati da suggerimenti di base per il miglioramento delle prestazioni.
+
+**MySQLTuner** supporta, in quest'ultima versione, circa 250 indicatori per i server MySQL/MariaDB/Percona.
+
+**MySQLTuner** è attivamente manutenuto e nuovi indicatori sono aggiunti di settimana in settimana, supportando un gran numero di configurazioni tra le quali , , , metriche relative al SO Linux, , , , ...
+
+Maggiori dettagli sugli indicatori
+.
+
+
+
+
+MySQLTuner ha bisogno di te:
+===
+
+**MySQLTuner** ha bisogno di collaboratori per documentazione, codice e suggerimenti ..
+
+* Problemi e suggerimenti possono essere riportati su [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* La guida per contribuire è disponibile in inglese: [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Dai un Stella a **MySQLTuner project** su [GitHub](https://github.com/major/MySQLTuner-perl)
+
+Compatibilità:
+====
+
+* MySQL 5.7 (pieno supporto)
+* MySQL 5.6 (pieno supporto)
+* MySQL 5.5 (pieno supporto)
+* MariaDB 10.1 (pieno supporto)
+* MariaDB 10.0 (pieno supporto)
+* Percona Server 5.6 (pieno supporto)
+* Percona XtraDB cluster (pieno supporto)
+* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (supporto parziale - versione deprecata)
+* Perl 5.6 o successivi (col pacchetto [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod))
+* Sistemi operativi basati su Unix/Linux (testato su Linux, varianti di BSD e di Solaris)
+* Windows non è supportato al momento (gradito aiuto!!!!!)
+* Accesso completo in lettura al server MySQL (accesso root a livello di SO raccomandato per MySQL < 5.1)
+* supporto al rilevamento di vulnerabilità CVE da [https://cve.mitre.org](https://cve.mitre.org)
+
+***ATTENZIONE***
+--
+È **estremamente importante** che tu capisca appieno ogni singola modifica apportata alla configurazione del server MySQL.
+Qualora non capissi appieno qualche parte dell'output dello script o se non capissi quanto raccomandato **dovresti consultare** un DBA esperto o un amministratore di sistema di cui hai fiducia.
+Testa **sempre** le modifiche su ambienti ad hoc e tieni sempre presente che miglioramenti in un settore potrebbero **influenzare negativamente** MySQL in altri settori.
+
+**Seriamente - consulta la sezione FAQ che segue.**
+
+Cosa verifica esattamente MySQLTuner ?
+--
+Tutti i controlli effettuati da **MySQLTuner** sono documentati in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md).
+
+Download/Installazione
+--
+
+Si può semplicemente scaricare l'intero codice utilizzando `git clone` seguito dalla URL riportata sopra.
+Il modo più semplice è il seguente:
+
+ wget http://mysqltuner.pl/ -O mysqltuner.pl
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
+ perl mysqltuner.pl
+
+Ovviamente è possibile assegnare il permesso di esecuzione in modo da poter lanciare il comando senza chiamare l'interprete `perl` (`chmod +x mysqltuner.pl`).
+
+Casi d'uso
+--
+
+__Uso:__ Minimale locale
+
+ perl mysqltuner.pl
+
+__Uso:__ Minimale da remoto
+
+ perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
+
+__Uso:__ Abilitando il massimo livello di informazione in output su MySQL/MariaDb senza usare l'optione di debug
+
+ perl mysqltuner.pl --verbose
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
+
+
+__Uso:__ Abilitando la verifica delle vulnerabilità CVE per la versione di MariaDB o MySQL installata
+
+ perl mysqltuner.pl --cvefile=vulnerabilities.csv
+
+__Uso:__ Salvando i risultati su un file con le stesse informazione mostrate a video
+
+ perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
+
+__Uso:__ Salvando i risultati su un file **senza mostrare nulla a video**
+
+ perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
+
+__Uso:__ Utilizzando un modello per personalizzare il file di output, con la sintassi di [Text::Template](https://metacpan.org/pod/Text::Template).
+
+ perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
+
+__Uso:__ Abilitando la modalità di debug
+
+ perl mysqltuner.pl --debug
+
+FAQ
+--
+
+**Domanda: MySQLTuner sistemerà il mio server MySQL lento?**
+
+**No.** MySQLTuner è uno script che legge solamente. Non scriverà alcun file di configurazione, non modificherà lo stato di alcun demone né chiamerà tua madre per augurarle buon compleanno.
+Ti darà una panoramica delle prestazioni del tuo server, facendo alcune raccomandazioni basilari circa i miglioramenti che tu puoi apportare. *assicurati di leggere l'avviso precedente prima di seguire qualsiasi raccomandazione.*
+
+**Domanda: Posso eliminare il mio DBA ora?**
+
+**MySQLTuner non sostituirà il tuo DBA in alcun modo.** Se il tuo DBA continuamente occupa il tuo parcheggio e ruba il tuo cibo dal frigo puoi considerare l'opzione - ma resta una tua scelta.
+
+**Domanda: Perché MySQLTuner continua a chiedermi ogni volta le credenziali di login di MySQL?**
+
+Lo script cerca di arguirle in ogni modo possibile. Cercando file `~/.my.cnf`, file di password di Plesk e provando il login di root con password vuota.
+Se nessuno di questi modi ha successo, allora la password viene richiesta. Se preferisci che lo script giri in modo automatico, senza interazione con l'utente, allora crea un file `.my.cnf` nella tua cartella home che contenga:
+
+ [client]
+ user=someusername
+ pass=thatuserspassword
+
+Una volta creato, assicurati che tu sia il proprietario (owner) e che i permessi siano 0600. Questo dovrebbe preservare le tue credenziali di login per i database da occhi indiscreti, in condizioni normali.
+Se un [Terminator modello T-1000 apparisse vestito da Carabiniere](https://it.wikipedia.org/wiki/T-1000) e chiedesse le tue credenziali non avresti poi tante scelte.
+
+**Domanda: C'è qualche altro modo per rendere sicure le credenziali sulle ultime versioni di MySQL e MariaDB ?**
+
+Potresti utilizzare il comando `mysql_config_editor`.
+
+ $ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
+ Enter passord: ********
+ $
+
+Che crea il file `~/.mylogin.cnf` con i prmessi di accesso appropriati.
+
+Per avere informazioni sulle credenziali salvate, si usi ilseguente comando:
+
+ $mysql_config_editor print
+ [client]
+ user = someusername
+ password = *****
+ host = localhost
+
+**Domanda: Quali sono i privilegi minimi, nel database, necessari per un utente *mysqltuner* ad hoc ?**
+
+ mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234;
+
+**Domanda: Non funziona sul mio SO! Che succede?!**
+
+Questo genere di cose sono destinate ad accadere. Ecco i dettagli di cui ho bisogno per indagare sul problema:
+
+* SO e versione del SO
+* Architettura (x86, x86_64, IA64, Commodore 64)
+* Versione esatta di MySQL
+* Da dove viene la tua versione di MySQL (pacchetto del SO, sorgenti, etc.)
+* Il testo completo dell'errore
+* L'output dei comandi `SHOW VARIABLES;` e `SHOW GLOBAL STATUS;`(se possibile)
+
+**Domanda: Come eseguo il check per le vulnerabilità CVE ?**
+
+* Scarica il file `vulnerabilities.csv`da questo repository.
+* Usa l'opzione `--cvefile` per eseguire i test delle CVE
+
+**Domanda: Come uso mysqltuner da un altro computer ?**
+Grazie a [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
+
+* You will still have to connect like a mysql client:
+* Ti dovrai collegare come un client mysql:
+
+Connessione e Autenticazione
+
+ --host Si connette a un host remoto per eseguire i test (default: localhost)
+ --socket Usa un socket per effettuare una connessione locale
+ --port Porta per la connessione (default: 3306)
+ --user Username per l'autenticazione
+ --pass Password per l'autenticazione
+ --defaults-file defaults file per le credenziali
+
+Poiché si sta utilizzando un host remoto, si utilizzino i seguenti parametri per fornire allo script i valori del SO
+
+ --forcemem Valore della RAM installata, in megabyte
+ --forceswap Valore della memoria di swap configurata, in megabyte
+
+* Potresti dover contattare il sistemista del server remoto per conoscere i valori di RAM e swap
+
+Se il database ha troppe tabelle, o tabelle veramente grandi, si usi:
+
+ --skipsize Non elenca le tabelle ed i rispettivi tipi e dimensioni (default: on)
+ (Raccomandato per server con molte tabelle)
+
+MySQLTuner e Vagrant
+--
+**MySQLTuner** contiene le seguenti configurazioni per Vagrant:
+* Fedora Core 23 / MariaDB 10.0
+* Fedora Core 23 / MariaDB 10.1
+* Fedora Core 23 / MySQL 5.6
+* Fedora Core 23 / MySQL 5.7
+
+**Vagrant File** sono collocati nella sotto-directory di Vagrant.
+* Segui questi due passaggi dopo l'installazione di Vagrant:
+ * Rinominare `VagrantFile_for_Mxxx` in `Vagrantfile`
+ * `vagrant up`
+
+**MySQLTuner** contiene una configurazione Vagrant a scopo di test e sviluppo
+* Installare VirtualBox e Vagrant
+ * https://www.virtualbox.org/wiki/Downloads
+ * https://www.vagrantup.com/downloads.html
+* Clone del repository
+ * git clone https://github.com/major/MySQLTuner-perl.git
+* Installare i plugin di Vagrant `vagrant-hostmanager` e `vagrant-vbguest`
+ * `vagrant plugin install vagrant-hostmanager`
+ * `vagrant plugin install vagrant-vbguest`
+* Aggiungere un box Fedora Core 23 dal sito ufficiale di Fedora
+ * `vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box`
+* Creare una directory `data`
+ * `mkdir data`
+* Rinominare `Vagrantfile_MariaDB10.0` in `Vagrantfile`
+ * `cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile`
+* Start vagrant
+ * `vagrant up`
+
+MySQLTuner ha bisogno di te:
+--
+
+**MySQLTuner** ha bisogno di collaboratori per documentazione, codice e suggerimenti ..
+
+* Problemi e suggerimenti possono essere riportati su [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* La guida per contribuire è disponibile in inglese: [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Dai un Stella a **MySQLTuner project** su [GitHub](https://github.com/major/MySQLTuner-perl)
+
diff -Nru mysqltuner-1.6.18/README.md mysqltuner-1.7.2/README.md
--- mysqltuner-1.6.18/README.md 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/README.md 2017-05-17 15:38:17.000000000 +0000
@@ -5,8 +5,16 @@
[](http://opensource.box.com/badges)
[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
-MySQLTuner is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions.
+**MySQLTuner** is a script written in Perl that allows you to review a MySQL installation quickly and make adjustments to increase performance and stability. The current configuration variables and status data is retrieved and presented in a brief format along with some basic performance suggestions.
+
+**MySQLTuner** supports in this last version ~300 indicators for MySQL/MariaDB/Percona Server.
+
+**MySQLTuner** is maintained and indicator collect is increasing week after week supporting a lot of configuration such as [Galera Cluster](http://galeracluster.com/), [TokuDB](https://www.percona.com/software/mysql-database/percona-tokudb), [Performance schema](https://github.com/mysql/mysql-sys), Linux OS metrics, [InnoDB](http://dev.mysql.com/doc/refman/5.7/en/innodb-storage-engine.html), [MyISAM](http://dev.mysql.com/doc/refman/5.7/en/myisam-storage-engine.html), [Aria](https://mariadb.com/kb/en/mariadb/aria/), ...
+
+You can find more details on these indicators here:
+[Indicators description](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md).
@@ -16,17 +24,17 @@
**MySQLTuner** needs contributors for documentation, code and feedbacks..
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
-* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Contribution guide is available following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
Compatibility:
====
-* MySQL 5.7 (partial support)
+* MySQL 5.7 (full support)
* MySQL 5.6 (full support)
* MySQL 5.5 (full support)
-* MariaDB 10.1 (partial support)
+* MariaDB 10.1 (full support)
* MariaDB 10.0 (full support)
* Percona Server 5.6 (full support)
* Percona XtraDB cluster (full support)
@@ -49,6 +57,14 @@
**Seriously - please review the FAQ section below.**
+
+Security recommandations
+--
+
+Hi directadmin user!
+We detected that you run mysqltuner with da_admin's credentials taken from /usr/local/directadmin/conf/my.cnf, which might bring to a password discovery!
+Read link for more details [Issue #289](https://github.com/major/MySQLTuner-perl/issues/289).
+
What MySQLTuner is checking exactly ?
--
All checks done by **MySQLTuner** are documented in [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md) documentation.
@@ -78,7 +94,9 @@
__Usage:__ Enable maximum output information around MySQL/MariaDb without debugging
- perl mysqltuner.pl --buffers --dbstat --idxstat
+ perl mysqltuner.pl --verbose
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
+
__Usage:__ Enable CVE vulnerabilities check for your MariaDB or MySQL version
@@ -154,12 +172,12 @@
* The full text of the error
* A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
-**Question: How to perform a CVE vulneralibity checks ?**
+**Question: How to perform CVE vulnerability checks?**
* Download vulnerabilities.csv from this repository.
* use option --cvefile to perform CVE checks
-**Question: How to use mysqltuner from remote host ?**
+**Question: How to use mysqltuner from a remote host?**
Thanks to [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
* You will still have to connect like a mysql client:
@@ -171,6 +189,7 @@
--port Port to use for connection (default: 3306)
--user Username to use for authentication
--pass Password to use for authentication
+ --defaults-file defaulfs file for credentials
Since you are using a remote host, use parameters to supply values from the OS
@@ -219,7 +238,7 @@
--
**MySQLTuner** needs contributors for documentation, code and feedbacks..
-* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Please join us on issue track at [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
* Contribution guide is avalaible following [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
* Star **MySQLTuner project** at [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
diff -Nru mysqltuner-1.6.18/README.ru.md mysqltuner-1.7.2/README.ru.md
--- mysqltuner-1.6.18/README.ru.md 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/README.ru.md 2017-05-17 15:38:17.000000000 +0000
@@ -1,23 +1,50 @@
MySQLTuner-perl
====
+[](https://travis-ci.org/major/MySQLTuner-perl)
+[](http://opensource.box.com/badges)
+[](http://opensource.box.com/badges)
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Average time to resolve an issue")
+[](http://isitmaintained.com/project/major/MySQLTuner-perl "Percentage of issues still open")
+[](https://opensource.org/licenses/GPL-3.0/)
-MySQLTuner это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL
+**MySQLTuner** - это скрипт, написанный на Perl, который позволяет быстро произвести осмотр текущего состояния сервера баз данных MySQL
и составить рекомендации для увеличения производительности и стабильности работы. Выводятся текущие параметры конфигурации
и информация о состоянии в формате отчета с основными подсказками по оптимизации.
-Совместимость:
+**MySQLTuner** поддерживает порядка 300 показателей для MySQL/MariaDB/Percona Server последних версий.
+
+**MySQLTuner** поддерживает сбор показателей для множества таких конфигураций, как , , , Linux OS metrics, , , , ...
+
+Вы можете найти больше информации об этих показателях на
+.
+
+
+
+
+MySQLTuner нуждается в вас:
+===
+
+**MySQLTuner** нуждается в вашем вкладе в документацию и код, а так же ждёт обратную связь.
+* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Ставьте "звезды" **проекту MySQLTuner** на [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
+
+Совместимость:
+====
* MySQL 5.7 (полная поддержка)
* MySQL 5.6 (полная поддержка)
-* MariaDB 10.0 (полная поддержка)
-* MariaDB 10.1 (полная поддержка)
* MySQL 5.5 (полная поддержка)
-* MySQL 5.1 (полная поддержка)
-* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (полная поддержка)
-* Perl 5.6 или более поздний
+* MariaDB 10.1 (полная поддержка)
+* MariaDB 10.0 (полная поддержка)
+* Percona Server 5.6 (полнлая поддержка)
+* Percona XtraDB cluster (полная поддержка)
+* MySQL 3.23, 4.0, 4.1, 5.0, 5.1 (частичная поддержка - устаревшие версии)
+* Perl 5.6 или более поздний (с пакетом [perl-doc](http://search.cpan.org/~dapm/perl-5.14.4/pod/perldoc.pod))
* Операционная система семейства Unix/Linux (протестировано на Linux, различных вариациях BSD и Solaris)
-* Windows не поддерживается на данное время
+* Windows не поддерживается на данное время (Необходима помощь!!!!!)
* Неограниченный доступ на чтение для MySQL-сервера (Для работы с MySQL < 5.1 требуется root-доступ к серверу)
+* Поддержка детектирования CVE уязвимостей из [https://cve.mitre.org](https://cve.mitre.org)
Пожалуйста, прочитайте раздел ЧаВо, который расположен чуть ниже.
@@ -34,53 +61,91 @@
**Серьезно - прочитайте раздел ЧаВо, который расположен чуть ниже.**
-ПРЕДУПРЕЖДЕНИЕ
+Что именно проверяет MySQLTuner?
--
+Все проверки, что выполняет **MySQLTuner**, задокументированы в [MySQLTuner Internals](https://github.com/major/MySQLTuner-perl/blob/master/INTERNALS.md)
Загрузка/Установка
--
-You can download the entire repository by using 'git clone' followed by the cloning URL above. The simplest and shortest method is:
+Вы можете скачать весь репозиторий с помощью 'git clone' c URL текущего репозитория. Самый простой и короткий метод:
wget http://mysqltuner.pl/ -O mysqltuner.pl
wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/basic_passwords.txt -O basic_passwords.txt
+ wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/vulnerabilities.csv -O vulnerabilities.csv
perl mysqltuner.pl
-Of course, you can add the execute bit (chmod +x mysqltuner.pl) so you can execute it without calling perl directly.
+Конечно, вам нужно будет добавить права на выполнение скрипта (chmod +x mysqltuner.pl), если вы хотите запускать его напрямую, без указания perl.
+
+
+Примеры использования
+--
+
+__Пример:__ Минимальный локальный запуск
+
+ perl mysqltuner.pl
+
+__Пример:__ Минимальный удаленный запуск
+
+ perl mysqltuner.pl --host targetDNS_IP --user admin_user --pass admin_password
+
+__Пример:__ Включение максимамльного вывода информации о MySQL/MariaDb без отладочной информации
+
+ perl mysqltuner.pl --verbose
+ perl mysqltuner.pl --buffers --dbstat --idxstat --sysstat --pfstat
+
+
+__Пример:__ Включение проверки на CVE уязвимости для MariaDB или MySQL
+ perl mysqltuner.pl --cvefile=vulnerabilities.csv
+
+__Пример:__ Запись результата в файл с отображением информации
+
+ perl mysqltuner.pl --outputfile /tmp/result_mysqltuner.txt
+
+__Пример:__ Запись результата в файл **без вывода информации**
+
+ perl mysqltuner.pl --silent --outputfile /tmp/result_mysqltuner.txt
+
+__Пример:__ Использование шаблона для кастомизации отчетов, сохраняющихся в файл на базе синтаксиса [Text::Template](https://metacpan.org/pod/Text::Template).
+
+ perl mysqltuner.pl --silent --reportfile /tmp/result_mysqltuner.txt --template=/tmp/mymodel.tmpl
+
+__Пример:__ Включение вывода отладочной информации
+
+ perl mysqltuner.pl --debug
ЧаВо
--
-Вопрос: Will MySQLTuner fix my slow MySQL server?
+**Вопрос: MySQLTuner починит мой медленный MySQL сервер?**
-**No.** MySQLTuner is a read only script. It won't write to any configuration files, change the status of any daemons, or call your mother to wish her a happy birthday. It will give you an overview of your server's performance and make some basic recommendations about improvements that you can make after it completes. *Make sure you read the warning above prior to following any recommendations.*
+**Нет.** MySQLTuner работает только на чтение. Он не будет записывать какие-либо конфигурационные файлы, изменять статус каких-либо демонов или звонить вашей маме, чтобы поздравить её с днём рождения. Он только даст обзор производительности вашего сервера и предложит несколько базовых рекомендаций, которые вы можете выполнить. *Убедитесь, что вы прочитали предупреждения до следования рекомендациям.*
-Вопрос: Can I fire my DBA now?
+**Вопрос: Теперь я могу уволить моего DBA?**
-**MySQLTuner will not replace your DBA in any form or fashion.** If your DBA constantly takes your parking spot and steals your lunch from the fridge, then you may want to consider it - but that's your call.
+**MySQLTuner не заменяет вашего DBA никоим образом.** Однако, если ваш DBA постоянно занимает ваше парковочное место и крадёт ваш обед из холодильника, вы можете попробовать сделать это - но это будет ваш выбор.
-Вопрос: Why does MySQLTuner keep asking me the login credentials for MySQL over and over?
+**Вопрос: Почему MySQLTuner каждый раз запрашивает доступы в MySQL?**
-The script will try its best to log in via any means possible. It will check for ~/.my.cnf files, Plesk password files, and empty password root logins. If none of those are available, then you'll be prompted for a password. If you'd like the script to run in an automated fashion without user intervention, then create a .my.cnf file in your home directory which contains:
+Скрипт пытается использовать лучшие способы войти из возможных. Он проверяет ~/.my.cnf файлы, файлы паролей Plesk и пробует пустой пароль для пользователя root. Если ни один из этих способов не сработал, то запрашивается ввод пароля. Если вы хотите, чтобы скрипт работал автоматически, создайте в своей домашней директории файл .my.cnf, содержащий:
[client]
- user=someusername
+ user=distributions
pass=thatuserspassword
-Once you create it, make sure it's owned by your user and the mode on the file is 0600. This should prevent the prying eyes from getting your database login credentials under normal conditions. If a [T-1000 shows up in a LAPD uniform](https://en.wikipedia.org/wiki/T-1000) and demands your database credentials, you won't have much of an option.
-
-Вопрос: Is there another way to secure credentials on latest MySQL and MariaDB distributions ?
+Сразу после создания файла убедитесь, что его владельцем является ваш пользователь, а права на файл - 0600. Это защитит ваш логин и пароль от базы данных от любопытных глаз в нормальных условиях. Но у вас не будет выбора, если появится [T-1000 в униформе полицейского из Лос-Анджелеса](https://ru.wikipedia.org/wiki/T-1000) и потребует доступы от вашей базы данных.
-You could use mysql_config_editor utilities.
+**Вопрос: Есть ли другой способ безопасно сохранить данные для входа в последних версиях MySQL и MariaDB?**
+Вы можете использовать утилиту mysql_config_editor.
$ mysql_config_editor set --login-path=client --user=someusername --password --host=localhost
Enter passord: ********
$
-At this time, ~/.mylogin.cnf has been written with appropriated rigth access.
+Она создаст ~/.mylogin.cnf с корректными правами доступа.
-To get information about stored credentials, use the following command:
+Чтобы получить информацию о сохраненных данных для входа, выполните:
$mysql_config_editor print
[client]
@@ -88,13 +153,89 @@
password = *****
host = localhost
-Вопрос: It's not working on my OS! What gives?!
+**Вопрос: Какие минимальные привелегии нужны для специального пользователя базы данных mysqltuner?**
+
+ mysql>GRANT SELECT, PROCESS,EXECUTE, REPLICATION CLIENT,SHOW DATABASES,SHOW VIEW ON *.* FOR 'mysqltuner'@'localhost' identified by pwd1234;
+
+**Вопрос: Это не работает на моей ОС! Что делать?!**
+
+Иногда такое случается. Чтобы тщательно исследовать проблему, необходимы следующие данные:
+
+* ОС и версия ОС
+* Архитектура (x86, x86_64, IA64, Commodore 64)
+* Точная версия MySQL
+* Где вы взяли данную версию MySQL(OS package, source, etc)
+* Полный текст ошибки
+* Копия вывода SHOW VARIABLES и SHOW GLOBAL STATUS (если это возможно)
-These kinds of things are bound to happen. Here are the details I need from you in order to research the problem thoroughly:
+**Вопрос: Как выполнить проверку на CVE уязвимости?**
+
+* Скачать vulnerabilities.csv с этого репозитория.
+* Использовать опцию --cvefile для проверки
+
+**Вопрос: Как использовать mysqltuner с удалённого хоста?**
+Спасибо [@rolandomysqldba](http://dba.stackexchange.com/users/877/rolandomysqldba)
+
+* Вы можете подключиться так же, как для обычного mysql-клиета:
+
+Подключение и аутентификация.
+
+ --host Connect to a remote host to perform tests (default: localhost)
+ --socket Use a different socket for a local connection
+ --port Port to use for connection (default: 3306)
+ --user Username to use for authentication
+ --pass Password to use for authentication
+ --defaults-file defaulfs file for credentials
+
+Так как вы используете удалённый хост, используйте параметры для указания данных об ОС
+
+ --forcemem Количество оперативной памяти в мегабайтах
+ --forceswap Количество swap памяти в мегабайтах
+
+* Вы можете обратиться к вашему системному администратору, чтобы спросить, сколько оперативной памяти и swap'а вам доступно
+
+Если у баз слишком много таблиц, или есть очень большие таблицы, используйте опцию
+
+ --skipsize Don't enumerate tables and their types/sizes (default: on)
+ (Recommended for servers with many tables)
+
+MySQLTuner и Vagrant
+--
+**MySQLTuner** содержится в следующих конфигурациях Vagrant:
+* Fedora Core 23 / MariaDB 10.0
+* Fedora Core 23 / MariaDB 10.1
+* Fedora Core 23 / MySQL 5.6
+* Fedora Core 23 / MySQL 5.7
+
+**Vagrant File** are stored in Vagrant subdirectory.
+* Follow this 2 steps after vagrant installation:
+* Rename VagrantFile_for_Mxxx into Vagrantfile
+* vagrant up
+
+**MySQLTuner** contains a Vagrant configurations for test purpose and development
+* Install VirtualBox and Vagrant
+ * https://www.virtualbox.org/wiki/Downloads
+ * https://www.vagrantup.com/downloads.html
+* Clone repository
+ * git clone https://github.com/major/MySQLTuner-perl.git
+* Install Vagrant plugins vagrant-hostmanager and vagrant-vbguest
+ * vagrant plugin install vagrant-hostmanager
+ * vagrant plugin install vagrant-vbguest
+* Add Fedora Core 23 box for official Fedora Download Website
+ * vagrant box add --name fc23 https://download.fedoraproject.org/pub/fedora/linux/releases/23/Cloud/x86_64/Images/Fedora-Cloud-Base-Vagrant-23-20151030.x86_64.vagrant-virtualbox.box
+* Create a data directory
+ * mkdir data
+* Rename Vagrantfile_MariaDB10.0 into Vagrantfile
+ * cp MySQLTuner-perl/Vagrant/Vagrantfile_for_MariaDB10.0 Vagrantfile
+* Start vagrant
+ * vagrant up
+
+MySQLTuner нуждается в Вас:
+===
+
+**MySQLTuner** нуждается в вашем вкладе в документацию и код, а так же ждёт обратную связь.
+
+* Присоединяйтесь, пожалуйста, к нашему трекеру ошибок [GitHub tracker](https://github.com/major/MySQLTuner-perl/issues).
+* Руководство по поддержке проекта доступно на [MySQLTuner contributing guide](https://github.com/major/MySQLTuner-perl/blob/master/CONTRIBUTING.md)
+* Ставьте "звезды" **проекту MySQLTuner** на [MySQLTuner Git Hub Project](https://github.com/major/MySQLTuner-perl)
- * OS and OS version
- * Architecture (x86, x86_64, IA64, Commodore 64)
- * Exact MySQL version
- * Where you obtained your MySQL version (OS package, source, etc)
- * The full text of the error
- * A copy of SHOW VARIABLES and SHOW GLOBAL STATUS output (if possible)
\ No newline at end of file
diff -Nru mysqltuner-1.6.18/USAGE.md mysqltuner-1.7.2/USAGE.md
--- mysqltuner-1.6.18/USAGE.md 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/USAGE.md 2017-05-17 15:38:17.000000000 +0000
@@ -1,6 +1,6 @@
# NAME
- MySQLTuner 1.6.10 - MySQL High Performance Tuning Script
+ MySQLTuner 1.7.2 - MySQL High Performance Tuning Script
# IMPORTANT USAGE GUIDELINES
@@ -15,11 +15,13 @@
--socket Use a different socket for a local connection
--port Port to use for connection (default: 3306)
--user Username to use for authentication
+ --userenv Name of env variable which contains username to use for authentication
--pass Password to use for authentication
+ --passenv Name of env variable which contains password to use for authentication
--mysqladmin Path to a custom mysqladmin executable
--mysqlcmd Path to a custom mysql executable
-
-# PERFORMANCE AND REPORTING OPTIONS
+ --defaults-file Path to a custom .my.cnf
+ =head1 PERFORMANCE AND REPORTING OPTIONS
--skipsize Don't enumerate tables and their types/sizes (default: on)
(Recommended for servers with many tables)
@@ -40,9 +42,10 @@
--dbstat Print database information
--idxstat Print index information
--sysstat Print system information
+ --pfstat Print Performance schema
--bannedports Ports banned separated by comma(,)
--maxportallowed Number of ports opened allowed on this hosts
- --cvefile CVE File for vulnerability checks
+ --cvefile CVE File for vulnerability checks
--nocolor Don't print output in color
--json Print result as JSON string
--buffers Print global and per-thread buffer values
@@ -101,6 +104,7 @@
- Joe Ashcraft
- Jean-Marie Renouard
- Stephan GroBberndt
+- Christian Loos
# SUPPORT
@@ -118,7 +122,7 @@
# COPYRIGHT AND LICENSE
-Copyright (C) 2006-2015 Major Hayden - major@mhtx.net
+Copyright (C) 2006-2017 Major Hayden - major@mhtx.net
For the latest updates, please visit http://mysqltuner.com/
diff -Nru mysqltuner-1.6.18/vulnerabilities.csv mysqltuner-1.7.2/vulnerabilities.csv
--- mysqltuner-1.6.18/vulnerabilities.csv 2016-08-31 11:48:01.000000000 +0000
+++ mysqltuner-1.7.2/vulnerabilities.csv 2017-05-17 15:38:17.000000000 +0000
@@ -1,63 +1,63 @@
4.0.20;4;0;20;CVE-2004-0457;Candidate;"The mysqlhotcopy script in mysql 4.0.20 and earlier; when using the scp method from the mysql-server package; allows local users to overwrite arbitrary files via a symlink attack on temporary files.";"DEBIAN:DSA-540 | URL:http://www.debian.org/security/2004/dsa-540 | CONFIRM:http://packages.debian.org/changelogs/pool/main/m/mysql-dfsg/mysql-dfsg_4.0.20-11/changelog | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | OVAL:oval:org.mitre.oval:def:10693 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10693 | XF:mysql-mysqlhotcopy-insecure-file(17030) | URL:http://xforce.iss.net/xforce/xfdb/17030";Assigned (20040506);"None (candidate not yet proposed)";
-4.0.21;4;0;21;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)";
-3.23.49;3;23;49;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)";
-4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)";
-4.1.21;4;1;21;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | OVAL:oval:org.mitre.oval:def:9827 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9827 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930 | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226";Assigned (20060710);"None (candidate not yet proposed)";
-4.1.23;4;1;23;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.42;5;0;42;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.1.18;5;1;18;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.40;5;0;40;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.1.18;5;1;18;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-3780;Candidate;"MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=28984 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2007:0875 | URL:http://www.redhat.com/support/errata/RHSA-2007-0875.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:36732 | URL:http://osvdb.org/36732 | OVAL:oval:org.mitre.oval:def:11058 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11058 | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | SECTRACK:1018629 | URL:http://www.securitytracker.com/id?1018629 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26621 | URL:http://secunia.com/advisories/26621 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-3781;Candidate;"MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement; which allows remote authenticated users to obtain sensitive information such as the table structure.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=25578 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:37783 | URL:http://osvdb.org/37783 | OVAL:oval:org.mitre.oval:def:9195 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9195 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
-5.0.45;5;0;45;CVE-2007-3782;Candidate;"MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://bugs.mysql.com/bug.php?id=27878 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OVAL:oval:org.mitre.oval:def:10563 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10563 | SECTRACK:1018663 | URL:http://securitytracker.com/id?1018663 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
+4.0.20;4;0;20;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)";
+3.23.48;3;23;48;CVE-2004-0836;Candidate;"Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21; and 3.x before 3.23.49; allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).";"CONECTIVA:CLA-2004:892 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000892 | DEBIAN:DSA-562 | URL:http://www.debian.org/security/2004/dsa-562 | GENTOO:GLSA-200410-22 | URL:http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml | MISC:http://bugs.mysql.com/bug.php?id=4017 | MISC:http://lists.mysql.com/internals/14726 | REDHAT:RHSA-2004:597 | URL:http://www.redhat.com/support/errata/RHSA-2004-597.html | REDHAT:RHSA-2004:611 | URL:http://www.redhat.com/support/errata/RHSA-2004-611.html | TRUSTIX:2004-0054 | URL:http://www.trustix.org/errata/2004/0054/ | BUGTRAQ:20041125 [USN-32-1] mysql vulnerabilities | URL:http://marc.info/?l=bugtraq&m=110140517515735&w=2 | CIAC:P-018 | URL:http://www.ciac.org/ciac/bulletins/p-018.shtml | BID:10981 | URL:http://www.securityfocus.com/bid/10981 | SECUNIA:12305 | URL:http://secunia.com/advisories/12305/ | XF:mysql-realconnect-bo(17047) | URL:http://xforce.iss.net/xforce/xfdb/17047";Assigned (20040908);"None (candidate not yet proposed)";
+4.1.9;4;1;9;CVE-2005-0799;Candidate;"MySQL 4.1.9; and possibly earlier versions; allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.";"BUGTRAQ:20050315 Denial of Service Vulnerability in MySQL Server for Windows | URL:http://marc.info/?l=bugtraq&m=111091250923281&w=2 | CONFIRM:http://bugs.mysql.com/bug.php?id=9148 | SECUNIA:14564 | URL:http://secunia.com/advisories/14564";Assigned (20050320);"None (candidate not yet proposed)";
+4.1.20;4;1;20;CVE-2006-3469;Candidate;"Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function; which is later used in a formatted print call to display the error message.";"MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375694 | MISC:http://bugs.mysql.com/bug.php?id=20729 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html | CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 | APPLE:APPLE-SA-2007-03-13 | URL:http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html | DEBIAN:DSA-1112 | URL:http://www.debian.org/security/2006/dsa-1112 | GENTOO:GLSA-200608-09 | URL:http://security.gentoo.org/glsa/glsa-200608-09.xml | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | UBUNTU:USN-321-1 | URL:http://www.ubuntu.com/usn/usn-321-1 | CERT:TA07-072A | URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html | BID:19032 | URL:http://www.securityfocus.com/bid/19032 | OVAL:oval:org.mitre.oval:def:9827 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9827 | VUPEN:ADV-2007-0930 | URL:http://www.vupen.com/english/advisories/2007/0930 | SECUNIA:21147 | URL:http://secunia.com/advisories/21147 | SECUNIA:21366 | URL:http://secunia.com/advisories/21366 | SECUNIA:24479 | URL:http://secunia.com/advisories/24479 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226";Assigned (20060710);"None (candidate not yet proposed)";
+4.1.22;4;1;22;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.41;5;0;41;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.1.17;5;1;17;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-2691;Candidate;"MySQL before 4.1.23; 5.0.x before 5.0.42; and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements; which allows remote authenticated users to rename arbitrary tables.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27515 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:139 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0768 | URL:http://www.redhat.com/support/errata/RHSA-2008-0768.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:24016 | URL:http://www.securityfocus.com/bid/24016 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OSVDB:34766 | URL:http://osvdb.org/34766 | OVAL:oval:org.mitre.oval:def:9559 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9559 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1018069 | URL:http://www.securitytracker.com/id?1018069 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:25946 | URL:http://secunia.com/advisories/25946 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:31226 | URL:http://secunia.com/advisories/31226 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222 | XF:mysql-renametable-weak-security(34347) | URL:http://xforce.iss.net/xforce/xfdb/34347";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.39;5;0;39;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
+5.1.17;5;1;17;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-2692;Candidate;"The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines; which allows remote authenticated users to gain privileges.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=27337 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-18.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:24011 | URL:http://www.securityfocus.com/bid/24011 | OSVDB:34765 | URL:http://osvdb.org/34765 | OVAL:oval:org.mitre.oval:def:9166 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9166 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351 | VUPEN:ADV-2007-1804 | URL:http://www.vupen.com/english/advisories/2007/1804 | SECTRACK:1018070 | URL:http://www.securitytracker.com/id?1018070 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | XF:mysql-changedb-privilege-escalation(34348) | URL:http://xforce.iss.net/xforce/xfdb/34348";Assigned (20070515);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-3780;Candidate;"MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=28984 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2007:0875 | URL:http://www.redhat.com/support/errata/RHSA-2007-0875.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:36732 | URL:http://osvdb.org/36732 | OVAL:oval:org.mitre.oval:def:11058 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11058 | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | SECTRACK:1018629 | URL:http://www.securitytracker.com/id?1018629 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26621 | URL:http://secunia.com/advisories/26621 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823";Assigned (20070715);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-3781;Candidate;"MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement; which allows remote authenticated users to obtain sensitive information such as the table structure.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | MISC:http://bugs.mysql.com/bug.php?id=25578 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200708-10 | URL:http://security.gentoo.org/glsa/glsa-200708-10.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OSVDB:37783 | URL:http://osvdb.org/37783 | OVAL:oval:org.mitre.oval:def:9195 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9195 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26498 | URL:http://secunia.com/advisories/26498 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
+5.0.44;5;0;44;CVE-2007-3782;Candidate;"MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.";"BUGTRAQ:20070717 rPSA-2007-0143-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/473874/100/0/threaded | MLIST:[announce] 20070712 MySQL Community Server 5.0.45 has been released! | URL:http://lists.mysql.com/announce/470 | CONFIRM:https://issues.rpath.com/browse/RPL-1536 | CONFIRM:http://bugs.mysql.com/bug.php?id=27878 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-45.html | DEBIAN:DSA-1413 | URL:http://www.debian.org/security/2007/dsa-1413 | MANDRIVA:MDKSA-2007:177 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 | REDHAT:RHSA-2007:0894 | URL:http://www.redhat.com/support/errata/RHSA-2007-0894.html | REDHAT:RHSA-2008:0364 | URL:http://www.redhat.com/support/errata/RHSA-2008-0364.html | SUSE:SUSE-SR:2007:019 | URL:http://www.novell.com/linux/security/advisories/2007_19_sr.html | UBUNTU:USN-528-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-528-1 | BID:25017 | URL:http://www.securityfocus.com/bid/25017 | OVAL:oval:org.mitre.oval:def:10563 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10563 | SECTRACK:1018663 | URL:http://securitytracker.com/id?1018663 | SECUNIA:26073 | URL:http://secunia.com/advisories/26073 | SECUNIA:26710 | URL:http://secunia.com/advisories/26710 | SECUNIA:25301 | URL:http://secunia.com/advisories/25301 | SECUNIA:26987 | URL:http://secunia.com/advisories/26987 | SECUNIA:27155 | URL:http://secunia.com/advisories/27155 | SECUNIA:26430 | URL:http://secunia.com/advisories/26430 | SECUNIA:27823 | URL:http://secunia.com/advisories/27823 | SECUNIA:30351 | URL:http://secunia.com/advisories/30351";Assigned (20070715);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
5.0.51;5;0;51;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.0.52;5;0;52;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
-5.1.23;5;1;23;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
-6.0.4;6;0;4;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
-5.0.66;5;0;66;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
-5.1.26;5;1;26;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
-6.0.6;6;0;6;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
-5.0.88;5;0;88;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
-5.1.41;5;1;41;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
-1.9.9;1;9;9;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.90;5;0;90;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.1.43;5;1;43;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.5.0;5;5;0;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.51;5;0;51;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-37.1.1;37;1;1;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
-5.0.93;5;0;93;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
-5.1.50;5;1;50;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
-5.1.48;5;1;48;CVE-2010-2008;Candidate;"MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot); .. (dot dot); ../ (dot dot slash) or similar sequence; and an UPGRADE DATA DIRECTORY NAME command; which causes MySQL to move certain directories to the server data directory.";"CONFIRM:http://bugs.mysql.com/bug.php?id=53804 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html | FEDORA:FEDORA-2010-11135 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html | MANDRIVA:MDVSA-2010:155 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:41198 | URL:http://www.securityfocus.com/bid/41198 | OVAL:oval:org.mitre.oval:def:11869 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11869 | SECTRACK:1024160 | URL:http://www.securitytracker.com/id?1024160 | SECUNIA:40333 | URL:http://secunia.com/advisories/40333 | SECUNIA:40762 | URL:http://secunia.com/advisories/40762 | VUPEN:ADV-2010-1918 | URL:http://www.vupen.com/english/advisories/2010/1918";Assigned (20100521);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:http://xforce.iss.net/xforce/xfdb/64843";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:http://xforce.iss.net/xforce/xfdb/64843";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
-5.0.92;5;0;92;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.5.6;5;5;6;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
-5.1.51;5;1;51;CVE-2010-3840;Candidate;"The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.";"MISC:http://lists.mysql.com/commits/117094 | CONFIRM:http://bugs.mysql.com/bug.php?id=51875 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640865 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0824 | URL:http://www.redhat.com/support/errata/RHSA-2010-0824.html | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-gislinestringinitfromwkb-dos(64838) | URL:http://xforce.iss.net/xforce/xfdb/64838";Assigned (20101007);"None (candidate not yet proposed)";
-0.9.4;0;9;4;CVE-2011-0432;Candidate;"Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.";"CONFIRM:http://code.google.com/p/pywebdav/updates/list | CONFIRM:http://pywebdav.googlecode.com/files/PyWebDAV-0.9.4.1.tar.gz | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=677718 | DEBIAN:DSA-2177 | URL:http://www.debian.org/security/2011/dsa-2177 | FEDORA:FEDORA-2011-2427 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055444.html | FEDORA:FEDORA-2011-2460 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055412.html | FEDORA:FEDORA-2011-2470 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055413.html | BID:46655 | URL:http://www.securityfocus.com/bid/46655 | SECUNIA:43571 | URL:http://secunia.com/advisories/43571 | SECUNIA:43602 | URL:http://secunia.com/advisories/43602 | SECUNIA:43703 | URL:http://secunia.com/advisories/43703 | VUPEN:ADV-2011-0553 | URL:http://www.vupen.com/english/advisories/2011/0553 | VUPEN:ADV-2011-0554 | URL:http://www.vupen.com/english/advisories/2011/0554 | VUPEN:ADV-2011-0634 | URL:http://www.vupen.com/english/advisories/2011/0634";Assigned (20110112);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-5969;Candidate;"MySQL Community Server 5.0.x before 5.0.51; Enterprise Server 5.0.x before 5.0.52; Server 5.1.x before 5.1.23; and Server 6.0.x before 6.0.4; when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options; allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.";"BUGTRAQ:20080117 rPSA-2008-0018-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/486477/100/0/threaded | MLIST:[Announcements] 20071206 MySQL 5.0.51 has been released | URL:http://lists.mysql.com/announce/495 | CONFIRM:http://bugs.mysql.com/32111 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://forums.mysql.com/read.php?3;186931;186931 | CONFIRM:https://issues.rpath.com/browse/RPL-1999 | CONFIRM:http://dev.mysql.com/doc/refman/4.1/en/news-4-1-24.html | CONFIRM:http://support.apple.com/kb/HT3216 | APPLE:APPLE-SA-2008-10-09 | URL:http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDKSA-2007:243 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 | REDHAT:RHSA-2007:1155 | URL:http://www.redhat.com/support/errata/RHSA-2007-1155.html | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SLACKWARE:SSA:2007-348-01 | URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.428959 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26765 | URL:http://www.securityfocus.com/bid/26765 | BID:31681 | URL:http://www.securityfocus.com/bid/31681 | OVAL:oval:org.mitre.oval:def:10509 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10509 | VUPEN:ADV-2007-4142 | URL:http://www.vupen.com/english/advisories/2007/4142 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | VUPEN:ADV-2008-1000 | URL:http://www.vupen.com/english/advisories/2008/1000/references | VUPEN:ADV-2008-2780 | URL:http://www.vupen.com/english/advisories/2008/2780 | SECTRACK:1019060 | URL:http://www.securitytracker.com/id?1019060 | SECUNIA:27981 | URL:http://secunia.com/advisories/27981 | SECUNIA:28040 | URL:http://secunia.com/advisories/28040 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28108 | URL:http://secunia.com/advisories/28108 | SECUNIA:28099 | URL:http://secunia.com/advisories/28099 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28559 | URL:http://secunia.com/advisories/28559 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | SECUNIA:32222 | URL:http://secunia.com/advisories/32222";Assigned (20071114);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-6303;Candidate;"MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered; which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29908 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | FEDORA:FEDORA-2007-4465 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00467.html | FEDORA:FEDORA-2007-4471 | URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00475.html | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | REDHAT:RHSA-2007:1157 | URL:http://www.redhat.com/support/errata/RHSA-2007-1157.html | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-588-1 | URL:http://www.ubuntu.com/usn/usn-588-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28025 | URL:http://secunia.com/advisories/28025 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29443 | URL:http://secunia.com/advisories/29443 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-definer-value-privilege-escalation(38989) | URL:http://xforce.iss.net/xforce/xfdb/38989";Assigned (20071210);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-6304;Candidate;"The federated engine in MySQL 5.0.x before 5.0.51a; 5.1.x before 5.1.23; and 6.0.x before 6.0.4; when performing a certain SHOW TABLE STATUS query; allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.";"BUGTRAQ:20080205 rPSA-2008-0040-1 mysql mysql-bench mysql-server | URL:http://www.securityfocus.com/archive/1/archive/1/487606/100/0/threaded | CONFIRM:http://bugs.mysql.com/bug.php?id=29801 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-52.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-4.html | CONFIRM:http://lists.mysql.com/announce/502 | CONFIRM:https://issues.rpath.com/browse/RPL-2187 | CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0040 | DEBIAN:DSA-1451 | URL:http://www.debian.org/security/2008/dsa-1451 | GENTOO:GLSA-200804-04 | URL:http://security.gentoo.org/glsa/glsa-200804-04.xml | MANDRIVA:MDVSA-2008:017 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:017 | MANDRIVA:MDVSA-2008:028 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 | SUSE:SUSE-SR:2008:003 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html | UBUNTU:USN-559-1 | URL:http://www.ubuntulinux.org/support/documentation/usn/usn-559-1 | BID:26832 | URL:http://www.securityfocus.com/bid/26832 | OSVDB:42609 | URL:http://osvdb.org/42609 | VUPEN:ADV-2007-4198 | URL:http://www.vupen.com/english/advisories/2007/4198 | SECTRACK:1019085 | URL:http://securitytracker.com/id?1019085 | SECUNIA:28063 | URL:http://secunia.com/advisories/28063 | SECUNIA:28128 | URL:http://secunia.com/advisories/28128 | SECUNIA:28343 | URL:http://secunia.com/advisories/28343 | SECUNIA:28637 | URL:http://secunia.com/advisories/28637 | SECUNIA:28739 | URL:http://secunia.com/advisories/28739 | SECUNIA:28838 | URL:http://secunia.com/advisories/28838 | SECUNIA:29706 | URL:http://secunia.com/advisories/29706 | XF:mysql-federated-engine-dos(38990) | URL:http://xforce.iss.net/xforce/xfdb/38990";Assigned (20071210);"None (candidate not yet proposed)";
+5.1.22;5;1;22;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
+6.0.3;6;0;3;CVE-2007-6313;Candidate;"MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG; which allows remote authorized users to execute arbitrary BINLOG statements.";"CONFIRM:http://bugs.mysql.com/31611 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-23.html | SECTRACK:1019083 | URL:http://www.securitytracker.com/id?1019083 | VUPEN:ADV-2008-0560 | URL:http://www.vupen.com/english/advisories/2008/0560/references | OSVDB:43179 | URL:http://osvdb.org/43179";Assigned (20071211);"None (candidate not yet proposed)";
+5.0.65;5;0;65;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
+5.1.25;5;1;25;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
+6.0.5;6;0;5;CVE-2008-3963;Candidate;"MySQL 5.0 before 5.0.66; 5.1 before 5.1.26; and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token; aka an empty bit-string literal; which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.";"MLIST:[oss-security] 20080909 CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/4 | MLIST:[oss-security] 20080909 Re: CVE request: MySQL empty bit-string literal server crash | URL:http://www.openwall.com/lists/oss-security/2008/09/09/7 | CONFIRM:http://bugs.mysql.com/bug.php?id=35658 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-66.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html | CONFIRM:http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html | CONFIRM:https://bugs.gentoo.org/237166 | DEBIAN:DSA-1783 | URL:http://www.debian.org/security/2009/dsa-1783 | MANDRIVA:MDVSA-2009:094 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:094 | REDHAT:RHSA-2009:1067 | URL:http://www.redhat.com/support/errata/RHSA-2009-1067.html | REDHAT:RHSA-2009:1289 | URL:http://www.redhat.com/support/errata/RHSA-2009-1289.html | SUSE:SUSE-SR:2008:025 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | UBUNTU:USN-671-1 | URL:http://www.ubuntu.com/usn/USN-671-1 | OVAL:oval:org.mitre.oval:def:10521 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10521 | SECUNIA:34907 | URL:http://secunia.com/advisories/34907 | SECUNIA:32769 | URL:http://secunia.com/advisories/32769 | SECUNIA:36566 | URL:http://secunia.com/advisories/36566 | VUPEN:ADV-2008-2554 | URL:http://www.vupen.com/english/advisories/2008/2554 | SECTRACK:1020858 | URL:http://www.securitytracker.com/id?1020858 | SECUNIA:31769 | URL:http://secunia.com/advisories/31769 | SECUNIA:32759 | URL:http://secunia.com/advisories/32759 | XF:mysql-bitstring-dos(45042) | URL:http://xforce.iss.net/xforce/xfdb/45042";Assigned (20080909);"None (candidate not yet proposed)";
+5.0.87;5;0;87;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
+5.1.40;5;1;40;CVE-2009-4028;Candidate;"The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41; when OpenSSL is used; accepts a value of zero for the depth of X.509 certificates; which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate; as demonstrated by a certificate presented by a server linked against the yaSSL library.";"MLIST:[commits] 20091020 bzr commit into mysql-4.1 branch (joro:2709) Bug#47320 | URL:http://lists.mysql.com/commits/87446 | MLIST:[oss-security] 20091119 mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/19/3 | MLIST:[oss-security] 20091121 CVE Request - MySQL - 5.0.88 | URL:http://marc.info/?l=oss-security&m=125881733826437&w=2 | MLIST:[oss-security] 20091123 Re: mysql-5.1.41 | URL:http://www.openwall.com/lists/oss-security/2009/11/23/16 | CONFIRM:http://bugs.mysql.com/47320 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html | REDHAT:RHSA-2010:0109 | URL:http://www.redhat.com/support/errata/RHSA-2010-0109.html | SUSE:SUSE-SR:2010:011 | URL:http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html | OVAL:oval:org.mitre.oval:def:10940 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10940 | OVAL:oval:org.mitre.oval:def:8510 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:8510 | VUPEN:ADV-2010-1107 | URL:http://www.vupen.com/english/advisories/2010/1107";Assigned (20091120);"None (candidate not yet proposed)";
+1.9.8;1;9;8;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.0.89;5;0;89;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.1.42;5;1;42;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.5.-1;5;5;-1;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.0.50;5;0;50;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
+37.1.0;37;1;0;CVE-2009-4484;Candidate;"Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9; as used in mysqld in MySQL 5.0.x before 5.0.90; MySQL 5.1.x before 5.1.43; MySQL 5.5.x through 5.5.0-m2; and other products; allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field; as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.";"MLIST:[dailydave] 20100106 0day demos | URL:http://archives.neohapsis.com/archives/dailydave/2010-q1/0002.html | MLIST:[commits] 20100113 bzr commit into mysql-5.0-bugteam branch (ramil:2838) Bug#50227 | URL:http://lists.mysql.com/commits/96697 | MLIST:[dailydave] 20100126 New db bugs | URL:http://lists.immunitysec.com/pipermail/dailydave/2010-January/006020.html | MISC:http://intevydis.com/vd-list.shtml | MISC:http://www.intevydis.com/blog/?p=57 | MISC:http://intevydis.com/mysql_demo.html | MISC:http://isc.sans.org/diary.html?storyid=7900 | MISC:http://www.intevydis.com/blog/?p=106 | MISC:http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html | MISC:http://intevydis.com/mysql_overflow1.py.txt | MISC:http://www.metasploit.com/modules/exploit/linux/mysql/mysql_yassl_getname | CONFIRM:http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1 | CONFIRM:http://bugs.mysql.com/bug.php?id=50227 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html | CONFIRM:http://www.yassl.com/news.html#yassl199 | CONFIRM:http://www.yassl.com/release.html | CONFIRM:http://yassl.cvs.sourceforge.net/viewvc/yassl/yassl/taocrypt/src/asn.cpp?r1=1.13&r2=1.14 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=555313 | DEBIAN:DSA-1997 | URL:http://www.debian.org/security/2010/dsa-1997 | UBUNTU:USN-897-1 | URL:http://ubuntu.com/usn/usn-897-1 | BID:37640 | URL:http://www.securityfocus.com/bid/37640 | BID:37943 | URL:http://www.securityfocus.com/bid/37943 | BID:37974 | URL:http://www.securityfocus.com/bid/37974 | OSVDB:61956 | URL:http://www.osvdb.org/61956 | SECTRACK:1023402 | URL:http://securitytracker.com/id?1023402 | SECTRACK:1023513 | URL:http://securitytracker.com/id?1023513 | SECUNIA:37493 | URL:http://secunia.com/advisories/37493 | SECUNIA:38344 | URL:http://secunia.com/advisories/38344 | SECUNIA:38364 | URL:http://secunia.com/advisories/38364 | SECUNIA:38573 | URL:http://secunia.com/advisories/38573 | SECUNIA:38517 | URL:http://secunia.com/advisories/38517 | VUPEN:ADV-2010-0233 | URL:http://www.vupen.com/english/advisories/2010/0233 | VUPEN:ADV-2010-0236 | URL:http://www.vupen.com/english/advisories/2010/0236 | XF:mysql-unspecified-bo(55416) | URL:http://xforce.iss.net/xforce/xfdb/55416";Assigned (20091230);"None (candidate not yet proposed)";
+5.0.92;5;0;92;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
+5.1.49;5;1;49;CVE-2009-5026;Candidate;"The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50; when running in certain slave configurations in which the slave is running a newer version than the master; allows remote attackers to execute arbitrary SQL commands via custom comments.";"MLIST:[oss-security] 20111018 Re: MySQL executable comment execution on MySQL slave server (from 2009) | URL:http://seclists.org/oss-sec/2011/q4/101 | CONFIRM:http://bugs.mysql.com/bug.php?id=49124 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-93.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640177 | SUSE:SUSE-SU-2012:0984 | URL:http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html | SECUNIA:49179 | URL:http://secunia.com/advisories/49179";Assigned (20101209);"None (candidate not yet proposed)";
+5.1.47;5;1;47;CVE-2010-2008;Candidate;"MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot); .. (dot dot); ../ (dot dot slash) or similar sequence; and an UPGRADE DATA DIRECTORY NAME command; which causes MySQL to move certain directories to the server data directory.";"CONFIRM:http://bugs.mysql.com/bug.php?id=53804 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html | FEDORA:FEDORA-2010-11135 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044546.html | MANDRIVA:MDVSA-2010:155 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:41198 | URL:http://www.securityfocus.com/bid/41198 | OVAL:oval:org.mitre.oval:def:11869 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11869 | SECTRACK:1024160 | URL:http://www.securitytracker.com/id?1024160 | SECUNIA:40333 | URL:http://secunia.com/advisories/40333 | SECUNIA:40762 | URL:http://secunia.com/advisories/40762 | VUPEN:ADV-2010-1918 | URL:http://www.vupen.com/english/advisories/2010/1918";Assigned (20100521);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3833;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 does not properly propagate type errors; which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST; related to KILL_BAD_DATA and a ""CREATE TABLE ... SELECT.""";"MISC:http://bugs.mysql.com/bug.php?id=55826 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640751 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-extremevalue-dos(64845) | URL:http://xforce.iss.net/xforce/xfdb/64845";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3834;Candidate;"Unspecified vulnerability in MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to ""materializing a derived table that required a temporary table for grouping"" and ""user variable assignments.""";"MISC:http://bugs.mysql.com/bug.php?id=55568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640808 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-derived-table-dos(64844) | URL:http://xforce.iss.net/xforce/xfdb/64844";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:http://xforce.iss.net/xforce/xfdb/64843";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3835;Candidate;"MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY; then causing the expression value to be used after the table is created; which causes the expression to be re-evaluated instead of accessing its value from the table.";"MISC:http://bugs.mysql.com/bug.php?id=55564 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640819 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-uservariable-dos(64843) | URL:http://xforce.iss.net/xforce/xfdb/64843";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3836;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation; pre-evaluation of LIKE predicates; and IN Optimizers.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54568 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640845 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-view-preparation-dos(64842) | URL:http://xforce.iss.net/xforce/xfdb/64842";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3837;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier; probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.";"CONFIRM:http://bugs.mysql.com/bug.php?id=54476 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640856 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-prepared-statement-dos(64841) | URL:http://xforce.iss.net/xforce/xfdb/64841";Assigned (20101007);"None (candidate not yet proposed)";
+5.0.91;5;0;91;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
+5.5.5;5;5;5;CVE-2010-3838;Candidate;"MySQL 5.0 before 5.0.92; 5.1 before 5.1.51; and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments; which is not properly handled when the function's result is ""processed using an intermediate temporary table.""";"MISC:http://bugs.mysql.com/bug.php?id=54461 | CONFIRM:http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640858 | CONFIRM:http://support.apple.com/kb/HT4723 | APPLE:APPLE-SA-2011-06-23-1 | URL:http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-longblob-dos(64840) | URL:http://xforce.iss.net/xforce/xfdb/64840";Assigned (20101007);"None (candidate not yet proposed)";
+5.1.50;5;1;50;CVE-2010-3840;Candidate;"The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.";"MISC:http://lists.mysql.com/commits/117094 | CONFIRM:http://bugs.mysql.com/bug.php?id=51875 | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=640865 | DEBIAN:DSA-2143 | URL:http://www.debian.org/security/2011/dsa-2143 | MANDRIVA:MDVSA-2010:222 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:222 | MANDRIVA:MDVSA-2010:223 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 | REDHAT:RHSA-2010:0824 | URL:http://www.redhat.com/support/errata/RHSA-2010-0824.html | REDHAT:RHSA-2010:0825 | URL:http://www.redhat.com/support/errata/RHSA-2010-0825.html | REDHAT:RHSA-2011:0164 | URL:http://www.redhat.com/support/errata/RHSA-2011-0164.html | TURBO:TLSA-2011-3 | URL:http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt | UBUNTU:USN-1017-1 | URL:http://www.ubuntu.com/usn/USN-1017-1 | BID:43676 | URL:http://www.securityfocus.com/bid/43676 | SECUNIA:42875 | URL:http://secunia.com/advisories/42875 | SECUNIA:42936 | URL:http://secunia.com/advisories/42936 | VUPEN:ADV-2011-0105 | URL:http://www.vupen.com/english/advisories/2011/0105 | VUPEN:ADV-2011-0170 | URL:http://www.vupen.com/english/advisories/2011/0170 | VUPEN:ADV-2011-0345 | URL:http://www.vupen.com/english/advisories/2011/0345 | XF:mysql-gislinestringinitfromwkb-dos(64838) | URL:http://xforce.iss.net/xforce/xfdb/64838";Assigned (20101007);"None (candidate not yet proposed)";
+0.9.3;0;9;3;CVE-2011-0432;Candidate;"Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.";"CONFIRM:http://code.google.com/p/pywebdav/updates/list | CONFIRM:http://pywebdav.googlecode.com/files/PyWebDAV-0.9.4.1.tar.gz | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=677718 | DEBIAN:DSA-2177 | URL:http://www.debian.org/security/2011/dsa-2177 | FEDORA:FEDORA-2011-2427 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055444.html | FEDORA:FEDORA-2011-2460 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055412.html | FEDORA:FEDORA-2011-2470 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055413.html | BID:46655 | URL:http://www.securityfocus.com/bid/46655 | SECUNIA:43571 | URL:http://secunia.com/advisories/43571 | SECUNIA:43602 | URL:http://secunia.com/advisories/43602 | SECUNIA:43703 | URL:http://secunia.com/advisories/43703 | VUPEN:ADV-2011-0553 | URL:http://www.vupen.com/english/advisories/2011/0553 | VUPEN:ADV-2011-0554 | URL:http://www.vupen.com/english/advisories/2011/0554 | VUPEN:ADV-2011-0634 | URL:http://www.vupen.com/english/advisories/2011/0634";Assigned (20110112);"None (candidate not yet proposed)";
5.1.62;5;1;62;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:http://xforce.iss.net/xforce/xfdb/77061";Assigned (20120111);"None (candidate not yet proposed)";
5.5.23;5;5;23;CVE-2012-0540;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54551 | URL:http://www.securityfocus.com/bid/54551 | OSVDB:83976 | URL:http://osvdb.org/83976 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-gisextension-dos(77061) | URL:http://xforce.iss.net/xforce/xfdb/77061";Assigned (20120111);"None (candidate not yet proposed)";
5.1.66;5;1;66;CVE-2012-0572;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16792 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16792 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120111);"None (candidate not yet proposed)";
@@ -71,14 +71,14 @@
5.5.21;5;5;21;CVE-2012-1688;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability; related to Server DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53067 | URL:http://www.securityfocus.com/bid/53067 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.1.62;5;1;62;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:http://xforce.iss.net/xforce/xfdb/77065";Assigned (20120316);"None (candidate not yet proposed)";
5.5.22;5;5;22;CVE-2012-1689;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54547 | URL:http://www.securityfocus.com/bid/54547 | OSVDB:83980 | URL:http://osvdb.org/83980 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-optimizer-dos(77065) | URL:http://xforce.iss.net/xforce/xfdb/77065";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-1690;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1703.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53074 | URL:http://www.securityfocus.com/bid/53074 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.5.19;5;5;19;CVE-2012-1696;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53071 | URL:http://www.securityfocus.com/bid/53071 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.5.21;5;5;21;CVE-2012-1697;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:53064 | URL:http://www.securityfocus.com/bid/53064 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.1.66;5;1;66;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.5.28;5;5;28;CVE-2012-1702;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17186 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17186 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
-5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-1703;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier; and 5.5.21 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer; a different vulnerability than CVE-2012-1690.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:53058 | URL:http://www.securityfocus.com/bid/53058 | SECUNIA:49179 | URL:http://secunia.com/advisories/49179 | SECUNIA:48890 | URL:http://secunia.com/advisories/48890 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.1.66;5;1;66;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.5.28;5;5;28;CVE-2012-1705;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:17268 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17268 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120316);"None (candidate not yet proposed)";
5.1.62;5;1;62;CVE-2012-1734;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier; and 5.5.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | BID:54540 | URL:http://www.securityfocus.com/bid/54540 | OSVDB:83979 | URL:http://osvdb.org/83979 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysql-servopt-dos(77064) | URL:http://xforce.iss.net/xforce/xfdb/77064";Assigned (20120316);"None (candidate not yet proposed)";
@@ -86,9 +86,9 @@
5.5.23;5;5;23;CVE-2012-1735;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54549 | URL:http://www.securityfocus.com/bid/54549 | OSVDB:83975 | URL:http://osvdb.org/83975 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-serveroptimizer-dos(77060) | URL:http://xforce.iss.net/xforce/xfdb/77060";Assigned (20120316);"None (candidate not yet proposed)";
5.5.23;5;5;23;CVE-2012-1756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54524 | URL:http://www.securityfocus.com/bid/54524 | OSVDB:83978 | URL:http://osvdb.org/83978 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-server1-dos(77063) | URL:http://xforce.iss.net/xforce/xfdb/77063";Assigned (20120316);"None (candidate not yet proposed)";
5.5.23;5;5;23;CVE-2012-1757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | BID:54526 | URL:http://www.securityfocus.com/bid/54526 | OSVDB:83977 | URL:http://osvdb.org/83977 | SECTRACK:1027263 | URL:http://www.securitytracker.com/id?1027263 | XF:mysql-innodb1-dos(77062) | URL:http://xforce.iss.net/xforce/xfdb/77062";Assigned (20120316);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-5.5.22;5;5;22;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
-97.15.15;97;15;15;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
+5.5.21;5;5;21;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
+97.15.14;97;15;14;CVE-2012-2102;Candidate;"MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.";"MLIST:[oss-security] 20120413 Re: CVE request: mysql: Server crash on HANDLER READ NEXT after DELETE | URL:http://www.openwall.com/lists/oss-security/2012/04/13/7 | MISC:http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 | MISC:http://eromang.zataz.com/2012/04/10/oracle-mysql-innodb-bugs-13510739-and-63775-dos-demo/ | CONFIRM:http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html | CONFIRM:http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | BID:52931 | URL:http://www.securityfocus.com/bid/52931 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120404);"None (candidate not yet proposed)";
5.5.26;5;5;26;CVE-2012-3144;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-server-cve20123144-dos(79387) | URL:http://xforce.iss.net/xforce/xfdb/79387";Assigned (20120606);"None (candidate not yet proposed)";
5.5.26;5;5;26;CVE-2012-3147;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-cve20123147(79384) | URL:http://xforce.iss.net/xforce/xfdb/79384";Assigned (20120606);"None (candidate not yet proposed)";
5.5.26;5;5;26;CVE-2012-3149;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality; related to MySQL Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | XF:mysqlserver-client-info-disc(79390) | URL:http://xforce.iss.net/xforce/xfdb/79390";Assigned (20120606);"None (candidate not yet proposed)";
@@ -113,11 +113,11 @@
5.5.27;5;5;27;CVE-2012-3180;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier; and 5.5.27 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-optimize-dos(79389) | URL:http://xforce.iss.net/xforce/xfdb/79389";Assigned (20120606);"None (candidate not yet proposed)";
5.1.64;5;1;64;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:http://xforce.iss.net/xforce/xfdb/79393";Assigned (20120606);"None (candidate not yet proposed)";
5.5.26;5;5;26;CVE-2012-3197;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier; and 5.5.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html | DEBIAN:DSA-2581 | URL:http://www.debian.org/security/2012/dsa-2581 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2012:1462 | URL:http://rhn.redhat.com/errata/RHSA-2012-1462.html | UBUNTU:USN-1621-1 | URL:http://www.ubuntu.com/usn/USN-1621-1 | SECUNIA:51309 | URL:http://secunia.com/advisories/51309 | SECUNIA:51177 | URL:http://secunia.com/advisories/51177 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:mysqlserver-serverreplication-dos(79393) | URL:http://xforce.iss.net/xforce/xfdb/79393";Assigned (20120606);"None (candidate not yet proposed)";
-5.5.29;5;5;29;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.1.62;5;1;62;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.2.12;5;2;12;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.3.7;5;3;7;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
-5.5.25;5;5;25;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.5.28;5;5;28;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.1.61;5;1;61;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.2.11;5;2;11;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.3.6;5;3;6;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
+5.5.24;5;5;24;CVE-2012-4414;Candidate;"Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29; and MariaDB 5.1.x through 5.1.62; 5.2.x through 5.2.12; 5.3.x through 5.3.7; and 5.5.x through 5.5.25; allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116; Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.";"MLIST:[oss-security] 20120911 Multiple SQL injections in MySQL/MariaDB | URL:http://www.openwall.com/lists/oss-security/2012/09/11/4 | MISC:http://bugs.mysql.com/bug.php?id=66550 | MISC:http://www.mysqlperformanceblog.com/2013/01/13/cve-2012-4414-in-mysql-5-5-29-and-percona-server-5-5-29/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=852144 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-382 | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | MANDRIVA:MDVSA-2013:102 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 | SUSE:openSUSE-SU-2013:0011 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html | SUSE:openSUSE-SU-2013:0014 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html | SUSE:openSUSE-SU-2013:0135 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html | SUSE:openSUSE-SU-2013:0156 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html | BID:55498 | URL:http://www.securityfocus.com/bid/55498";Assigned (20120821);"None (candidate not yet proposed)";
5.1.65;5;1;65;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120921);"None (candidate not yet proposed)";
5.5.27;5;5;27;CVE-2012-5060;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability; related to GIS Extension.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120921);"None (candidate not yet proposed)";
5.5.28;5;5;28;CVE-2012-5096;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16877 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16877 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20120922);"None (candidate not yet proposed)";
@@ -135,8 +135,8 @@
5.5.28;5;5;28;CVE-2013-0386;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16835 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16835 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
5.1.66;5;1;66;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
5.5.28;5;5;28;CVE-2013-0389;Candidate;"Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier; and 5.5.28 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0219 | URL:http://rhn.redhat.com/errata/RHSA-2013-0219.html | UBUNTU:USN-1703-1 | URL:http://www.ubuntu.com/usn/USN-1703-1 | OVAL:oval:org.mitre.oval:def:16825 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:16825 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20121207);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
+5.6.9;5;6;9;CVE-2013-1502;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.1.67;5;1;67;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.5.29;5;5;29;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-1506;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; 5.5.29 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
@@ -150,13 +150,13 @@
5.1.63;5;1;63;CVE-2013-1548;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.1.67;5;1;67;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
5.5.29;5;5;29;CVE-2013-1555;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier; and 5.5.29 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130130);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.3.13;5;3;13;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.2.15;5;2;15;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.1.68;5;1;68;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.1.69;5;1;69;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.5.29;5;5;29;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.3.12;5;3;12;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.2.14;5;2;14;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.1.67;5;1;67;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.1.68;5;1;68;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2013-1861;Candidate;"MariaDB 5.5.x before 5.5.30; 5.3.x before 5.3.13; 5.2.x before 5.2.15; and 5.1.x before 5.1.68; and Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points; which is not properly handled when processing the binary representation of this feature; related to a numeric calculation error.";"MLIST:[Commits] 20130305 Rev 3682: TODO-424 geometry query crashes server. in file:///home/hf/wmar/todo-424/ | URL:http://lists.askmonty.org/pipermail/commits/2013-March/004371.html | MLIST:[oss-security] 20130513 CVE-2013-1861 for MySQL/MariaDB: geometry query crashes mysqld | URL:http://seclists.org/oss-sec/2013/q1/671 | MISC:https://bugzilla.redhat.com/show_bug.cgi?id=919247 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-4252 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:58511 | URL:http://www.securityfocus.com/bid/58511 | OSVDB:91415 | URL:http://www.osvdb.org/91415 | SECUNIA:52639 | URL:http://secunia.com/advisories/52639 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:mysql-mariadb-cve20131861-dos(82895) | URL:http://xforce.iss.net/xforce/xfdb/82895";Assigned (20130219);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-2381;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.1.68;5;1;68;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-2391;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
@@ -165,338 +165,489 @@
5.5.30;5;5;30;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-2392;Candidate;"Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | MANDRIVA:MDVSA-2013:150 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 | REDHAT:RHSA-2013:0772 | URL:http://rhn.redhat.com/errata/RHSA-2013-0772.html | SECUNIA:53372 | URL:http://secunia.com/advisories/53372";Assigned (20130305);"None (candidate not yet proposed)";
5.5.31;5;5;31;CVE-2013-3783;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61210 | URL:http://www.securityfocus.com/bid/61210 | OSVDB:95332 | URL:http://osvdb.org/95332 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133783(85719) | URL:http://xforce.iss.net/xforce/xfdb/85719";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3793;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61264 | URL:http://www.securityfocus.com/bid/61264 | OSVDB:95323 | URL:http://osvdb.org/95323 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133793(85710) | URL:http://xforce.iss.net/xforce/xfdb/85710";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2013-3794;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61222 | URL:http://www.securityfocus.com/bid/61222 | OSVDB:95333 | URL:http://osvdb.org/95333";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3795;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61241 | URL:http://www.securityfocus.com/bid/61241 | OSVDB:95324 | URL:http://osvdb.org/95324";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3796;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61233 | URL:http://www.securityfocus.com/bid/61233 | OSVDB:95329 | URL:http://osvdb.org/95329";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3798;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61274 | URL:http://www.securityfocus.com/bid/61274 | OSVDB:95321 | URL:http://osvdb.org/95321";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2013-3801;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | BID:61269 | URL:http://www.securityfocus.com/bid/61269 | OSVDB:95331 | URL:http://osvdb.org/95331";Assigned (20130603);"None (candidate not yet proposed)";
5.1.69;5;1;69;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)";
5.5.31;5;5;31;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3802;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | BID:61244 | URL:http://www.securityfocus.com/bid/61244 | OSVDB:95325 | URL:http://osvdb.org/95325 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133802(85712) | URL:http://xforce.iss.net/xforce/xfdb/85712";Assigned (20130603);"None (candidate not yet proposed)";
5.1.69;5;1;69;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)";
5.5.31;5;5;31;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3804;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier; 5.5.31 and earlier; and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95328 | URL:http://osvdb.org/95328 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133804(85715) | URL:http://xforce.iss.net/xforce/xfdb/85715";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.30;5;5;30;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2013-3805;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95327 | URL:http://osvdb.org/95327";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3806;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3811.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95326 | URL:http://osvdb.org/95326 | XF:oracle-cpujuly2013-cve20133806(85713) | URL:http://xforce.iss.net/xforce/xfdb/85713";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3807;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95334 | URL:http://osvdb.org/95334 | XF:oracle-cpujuly2013-cve20133807(85721) | URL:http://xforce.iss.net/xforce/xfdb/85721";Assigned (20130603);"None (candidate not yet proposed)";
5.1.68;5;1;68;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)";
5.5.30;5;5;30;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)";
5.6.10;5;6;10;CVE-2013-3808;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier; 5.5.30 and earlier; and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | GENTOO:GLSA-201308-06 | URL:http://security.gentoo.org/glsa/glsa-201308-06.xml | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95330 | URL:http://osvdb.org/95330 | SECUNIA:53372 | URL:http://secunia.com/advisories/53372 | XF:oracle-cpujuly2013-cve20133808(85717) | URL:http://xforce.iss.net/xforce/xfdb/85717";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3809;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95322 | URL:http://osvdb.org/95322 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133809(85709) | URL:http://xforce.iss.net/xforce/xfdb/85709";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3810;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95337 | URL:http://osvdb.org/95337 | XF:oracle-cpujuly2013-cve20133810(85724) | URL:http://xforce.iss.net/xforce/xfdb/85724";Assigned (20130603);"None (candidate not yet proposed)";
5.6.11;5;6;11;CVE-2013-3811;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-3806.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | OSVDB:95335 | URL:http://osvdb.org/95335 | XF:oracle-cpujuly2013-cve20133811(85722) | URL:http://xforce.iss.net/xforce/xfdb/85722";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)";
-5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:http://xforce.iss.net/xforce/xfdb/90373";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:http://xforce.iss.net/xforce/xfdb/90377";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:http://xforce.iss.net/xforce/xfdb/90374";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:http://xforce.iss.net/xforce/xfdb/90376";Assigned (20130918);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714";Assigned (20131203);"None (candidate not yet proposed)";
-02.565.64;02;565;64;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714";Assigned (20131203);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.71;5;1;71;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.33;5;5;33;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:http://xforce.iss.net/xforce/xfdb/90383";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:http://xforce.iss.net/xforce/xfdb/90387";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:http://xforce.iss.net/xforce/xfdb/90384";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.13;5;6;13;CVE-2014-0433;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64895 | URL:http://www.securityfocus.com/bid/64895 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140433(90375) | URL:http://xforce.iss.net/xforce/xfdb/90375";Assigned (20131212);"None (candidate not yet proposed)";
-5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66872 | URL:http://www.securityfocus.com/bid/66872";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66853 | URL:http://www.securityfocus.com/bid/66853";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.31;5;5;31;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-3812;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | SUSE:SUSE-SU-2013:1390 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html | SUSE:openSUSE-SU-2013:1335 | URL:http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html | SUSE:openSUSE-SU-2013:1410 | URL:http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html | SUSE:SUSE-SU-2013:1529 | URL:http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html | UBUNTU:USN-1909-1 | URL:http://www.ubuntu.com/usn/USN-1909-1 | OSVDB:95336 | URL:http://osvdb.org/95336 | SECUNIA:54300 | URL:http://secunia.com/advisories/54300 | XF:oracle-cpujuly2013-cve20133812(85723) | URL:http://xforce.iss.net/xforce/xfdb/85723";Assigned (20130603);"None (candidate not yet proposed)";
+5.1.70;5;1;70;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
+5.5.32;5;5;32;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-3839;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier; 5.5.32 and earlier; and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2780 | URL:http://www.debian.org/security/2013/dsa-2780 | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2013:250 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:250 | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63109 | URL:http://www.securityfocus.com/bid/63109 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184 | SECUNIA:55291 | URL:http://secunia.com/advisories/55291";Assigned (20130603);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5767;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63113 | URL:http://www.securityfocus.com/bid/63113 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.11;5;6;11;CVE-2013-5770;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63119 | URL:http://www.securityfocus.com/bid/63119 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5786;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5793.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63107 | URL:http://www.securityfocus.com/bid/63107 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5793;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5786.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:63116 | URL:http://www.securityfocus.com/bid/63116 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.32;5;5;32;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63105 | URL:http://www.securityfocus.com/bid/63105 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.12;5;6;12;CVE-2013-5807;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html | DEBIAN:DSA-2818 | URL:http://www.debian.org/security/2013/dsa-2818 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2006-1 | URL:http://www.ubuntu.com/usn/USN-2006-1 | BID:63105 | URL:http://www.securityfocus.com/bid/63105 | SECTRACK:1029184 | URL:http://www.securitytracker.com/id/1029184";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2013-5860;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64864 | URL:http://www.securityfocus.com/bid/64864 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135860(90373) | URL:http://xforce.iss.net/xforce/xfdb/90373";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2013-5881;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2014-0431.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64885 | URL:http://www.securityfocus.com/bid/64885 | OSVDB:102066 | URL:http://osvdb.org/102066 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135881(90377) | URL:http://xforce.iss.net/xforce/xfdb/90377";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2013-5882;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedures.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64854 | URL:http://www.securityfocus.com/bid/64854 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135882(90374) | URL:http://xforce.iss.net/xforce/xfdb/90374";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2013-5891;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64891 | URL:http://www.securityfocus.com/bid/64891 | OSVDB:102070 | URL:http://osvdb.org/102070 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2013-5894;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64873 | URL:http://www.securityfocus.com/bid/64873 | OSVDB:102065 | URL:http://osvdb.org/102065 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20135894(90376) | URL:http://xforce.iss.net/xforce/xfdb/90376";Assigned (20130918);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2013-5908;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64896 | URL:http://www.securityfocus.com/bid/64896 | OSVDB:102078 | URL:http://osvdb.org/102078 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20135908(90389) | URL:http://xforce.iss.net/xforce/xfdb/90389";Assigned (20130918);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | BID:65298 | URL:http://www.securityfocus.com/bid/65298 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714";Assigned (20131203);"None (candidate not yet proposed)";
+02.565.63;02;565;63;CVE-2014-0001;Candidate;"Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.";"CONFIRM:http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1054592 | CONFIRM:https://mariadb.com/kb/en/mariadb-5535-changelog/ | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | MANDRIVA:MDVSA-2014:029 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2014:029 | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | BID:65298 | URL:http://www.securityfocus.com/bid/65298 | OSVDB:102713 | URL:http://osvdb.org/102713 | OSVDB:102714 | URL:http://www.osvdb.org/102714";Assigned (20131203);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-0384;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.71;5;1;71;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0386;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64904 | URL:http://www.securityfocus.com/bid/64904 | OSVDB:102069 | URL:http://osvdb.org/102069 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140386(90380) | URL:http://xforce.iss.net/xforce/xfdb/90380";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.71;5;1;71;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0393;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64877 | URL:http://www.securityfocus.com/bid/64877 | OSVDB:102075 | URL:http://osvdb.org/102075 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140393(90386) | URL:http://xforce.iss.net/xforce/xfdb/90386";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0401;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64898 | URL:http://www.securityfocus.com/bid/64898 | OSVDB:102071 | URL:http://osvdb.org/102071 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140401(90382) | URL:http://xforce.iss.net/xforce/xfdb/90382";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.71;5;1;71;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.33;5;5;33;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0402;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier; 5.5.33 and earlier; and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64908 | URL:http://www.securityfocus.com/bid/64908 | OSVDB:102068 | URL:http://osvdb.org/102068 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140402(90379) | URL:http://xforce.iss.net/xforce/xfdb/90379";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0412;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64880 | URL:http://www.securityfocus.com/bid/64880 | OSVDB:102067 | URL:http://osvdb.org/102067 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140412(90378) | URL:http://xforce.iss.net/xforce/xfdb/90378";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0420;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier; and 5.6.14 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64888 | URL:http://www.securityfocus.com/bid/64888 | OSVDB:102077 | URL:http://osvdb.org/102077 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140420(90388) | URL:http://xforce.iss.net/xforce/xfdb/90388";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0427;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via vectors related to FTS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64868 | URL:http://www.securityfocus.com/bid/64868 | OSVDB:102072 | URL:http://osvdb.org/102072 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140427(90383) | URL:http://xforce.iss.net/xforce/xfdb/90383";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0430;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64893 | URL:http://www.securityfocus.com/bid/64893 | OSVDB:102076 | URL:http://osvdb.org/102076 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140430(90387) | URL:http://xforce.iss.net/xforce/xfdb/90387";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0431;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2013-5881.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64897 | URL:http://www.securityfocus.com/bid/64897 | OSVDB:102073 | URL:http://osvdb.org/102073 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140431(90384) | URL:http://xforce.iss.net/xforce/xfdb/90384";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.13;5;6;13;CVE-2014-0433;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote attackers to affect availability via unknown vectors related to Thread Pooling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64895 | URL:http://www.securityfocus.com/bid/64895 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | XF:oracle-cpujan2014-cve20140433(90375) | URL:http://xforce.iss.net/xforce/xfdb/90375";Assigned (20131212);"None (candidate not yet proposed)";
+5.1.72;5;1;72;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.34;5;5;34;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
+5.6.14;5;6;14;CVE-2014-0437;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier; 5.5.34 and earlier; and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | DEBIAN:DSA-2845 | URL:http://www.debian.org/security/2014/dsa-2845 | DEBIAN:DSA-2848 | URL:http://www.debian.org/security/2014/dsa-2848 | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | REDHAT:RHSA-2014:0164 | URL:http://rhn.redhat.com/errata/RHSA-2014-0164.html | REDHAT:RHSA-2014:0173 | URL:http://rhn.redhat.com/errata/RHSA-2014-0173.html | REDHAT:RHSA-2014:0186 | URL:http://rhn.redhat.com/errata/RHSA-2014-0186.html | REDHAT:RHSA-2014:0189 | URL:http://rhn.redhat.com/errata/RHSA-2014-0189.html | UBUNTU:USN-2086-1 | URL:http://ubuntu.com/usn/usn-2086-1 | BID:64758 | URL:http://www.securityfocus.com/bid/64758 | BID:64849 | URL:http://www.securityfocus.com/bid/64849 | OSVDB:102074 | URL:http://osvdb.org/102074 | SECUNIA:56491 | URL:http://secunia.com/advisories/56491 | SECUNIA:56541 | URL:http://secunia.com/advisories/56541 | SECUNIA:56580 | URL:http://secunia.com/advisories/56580 | XF:oracle-cpujan2014-cve20140437(90385) | URL:http://xforce.iss.net/xforce/xfdb/90385";Assigned (20131212);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2419;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66880 | URL:http://www.securityfocus.com/bid/66880";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.36;5;5;36;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2430;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to Performance Schema.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66858 | URL:http://www.securityfocus.com/bid/66858";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.36;5;5;36;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2431;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect availability via unknown vectors related to Options.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66890 | URL:http://www.securityfocus.com/bid/66890";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2432;Candidate;"Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66875 | URL:http://www.securityfocus.com/bid/66875";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2434;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66872 | URL:http://www.securityfocus.com/bid/66872";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2435;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66853 | URL:http://www.securityfocus.com/bid/66853";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.36;5;5;36;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.16;5;6;16;CVE-2014-2436;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66896 | URL:http://www.securityfocus.com/bid/66896";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-2438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html | GENTOO:GLSA-201409-04 | URL:http://security.gentoo.org/glsa/glsa-201409-04.xml | BID:66846 | URL:http://www.securityfocus.com/bid/66846";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2442;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2444;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2450;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
5.6.15;5;6;15;CVE-2014-2451;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html";Assigned (20140313);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | XF:oracle-cpujul2014-cve20144207(94624) | URL:http://xforce.iss.net/xforce/xfdb/94624";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68607 | URL:http://www.securityfocus.com/bid/68607 | XF:oracle-cpujul2014-cve20144214(94627) | URL:http://xforce.iss.net/xforce/xfdb/94627";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68598 | URL:http://www.securityfocus.com/bid/68598 | XF:oracle-cpujul2014-cve20144233(94625) | URL:http://xforce.iss.net/xforce/xfdb/94625";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68587 | URL:http://www.securityfocus.com/bid/68587 | XF:oracle-cpujul2014-cve20144238(94623) | URL:http://xforce.iss.net/xforce/xfdb/94623";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68602 | URL:http://www.securityfocus.com/bid/68602 | XF:oracle-cpujul2014-cve20144240(94626) | URL:http://xforce.iss.net/xforce/xfdb/94626";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and eariler and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and eariler and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20141217);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150320);"None (candidate not yet proposed)";
-5.7.3;5;7;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-6.1.3;6;1;3;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html";Assigned (20150624);"None (candidate not yet proposed)";
-5.6.28;5;6;28;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-2.17.1;2;17;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-10.0.22;10;0;22;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-2.21.2;2;21;2;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
-5.4.43;5;4;43;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)";
-5.5.27;5;5;27;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)";
-5.6.11;5;6;11;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669";Assigned (20160331);"None (candidate not yet proposed)";
-5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";
-5.6.27;5;6;27;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";
-5.7.9;5;7;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";
-10.0.23;10;0;23;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";
-10.1.10;10;1;10;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1";Assigned (20151209);"None (candidate not yet proposed)";
-5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)";
-10.0.23;10;0;23;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)";
-10.1.10;10;1;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html";Assigned (20160122);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.10;5;7;10;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)";
-3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160317);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.30;5;6;30;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.50;5;5;50;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-10.0.26;10;0;26;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-10.1.15;10;1;15;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.6.29;5;6;29;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.7.11;5;7;11;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-5.5.49;5;5;49;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-10.0.25;10;0;25;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
-10.1.14;10;1;14;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | BID:91787 | URL:http://www.securityfocus.com/bid/91787";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-2484;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRFTS.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-2494;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425";Assigned (20140313);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-4207;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68593 | URL:http://www.securityfocus.com/bid/68593 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144207(94624) | URL:http://xforce.iss.net/xforce/xfdb/94624";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4214;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRSP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68607 | URL:http://www.securityfocus.com/bid/68607 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144214(94627) | URL:http://xforce.iss.net/xforce/xfdb/94627";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4233;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68598 | URL:http://www.securityfocus.com/bid/68598 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144233(94625) | URL:http://xforce.iss.net/xforce/xfdb/94625";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4238;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68587 | URL:http://www.securityfocus.com/bid/68587 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144238(94623) | URL:http://xforce.iss.net/xforce/xfdb/94623";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4240;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68602 | URL:http://www.securityfocus.com/bid/68602 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144240(94626) | URL:http://xforce.iss.net/xforce/xfdb/94626";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.35;5;5;35;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.15;5;6;15;CVE-2014-4243;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | BID:68611 | URL:http://www.securityfocus.com/bid/68611 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144243(94628) | URL:http://xforce.iss.net/xforce/xfdb/94628";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4258;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SRINFOSC.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68564 | URL:http://www.securityfocus.com/bid/68564 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144258(94620) | URL:http://xforce.iss.net/xforce/xfdb/94620";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.37;5;5;37;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.17;5;6;17;CVE-2014-4260;Candidate;"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier; and 5.6.17 and earlier; allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.";"BUGTRAQ:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded | FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities | URL:http://seclists.org/fulldisclosure/2014/Dec/23 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html | CONFIRM:http://www.vmware.com/security/advisories/VMSA-2014-0012.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-2985 | URL:http://www.debian.org/security/2014/dsa-2985 | SUSE:SUSE-SU-2014:1072 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:68573 | URL:http://www.securityfocus.com/bid/68573 | SECTRACK:1030578 | URL:http://www.securitytracker.com/id/1030578 | SECUNIA:60425 | URL:http://secunia.com/advisories/60425 | XF:oracle-cpujul2014-cve20144260(94621) | URL:http://xforce.iss.net/xforce/xfdb/94621";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-4274;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to SERVER:MyISAM.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:69732 | URL:http://www.securityfocus.com/bid/69732";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-4287;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70517 | URL:http://www.securityfocus.com/bid/70517";Assigned (20140617);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6463;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70532 | URL:http://www.securityfocus.com/bid/70532";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6464;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70451 | URL:http://www.securityfocus.com/bid/70451 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6469;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:OPTIMIZER.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70446 | URL:http://www.securityfocus.com/bid/70446 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6474;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:MEMCACHED.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6478;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70489 | URL:http://www.securityfocus.com/bid/70489";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6484;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70455 | URL:http://www.securityfocus.com/bid/70455";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6489;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SERVER:SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70525 | URL:http://www.securityfocus.com/bid/70525";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6491;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6500.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70444 | URL:http://www.securityfocus.com/bid/70444 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6494;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6496.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70497 | URL:http://www.securityfocus.com/bid/70497 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6495;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70496 | URL:http://www.securityfocus.com/bid/70496";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6496;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL; a different vulnerability than CVE-2014-6494.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70469 | URL:http://www.securityfocus.com/bid/70469 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via vectors related to SERVER:SSL:yaSSL; a different vulnerability than CVE-2014-6491.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70478 | URL:http://www.securityfocus.com/bid/70478 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to SERVER:MEMORY STORAGE ENGINE.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70516 | URL:http://www.securityfocus.com/bid/70516";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70550 | URL:http://www.securityfocus.com/bid/70550 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6520;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70510 | URL:http://www.securityfocus.com/bid/70510";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6530;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to CLIENT:MYSQLDUMP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70486 | URL:http://www.securityfocus.com/bid/70486";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6551;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via vectors related to CLIENT:MYSQLADMIN.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70462 | URL:http://www.securityfocus.com/bid/70462";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6555;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to SERVER:DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70530 | URL:http://www.securityfocus.com/bid/70530 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.39;5;5;39;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.20;5;6;20;CVE-2014-6559;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier; and 5.6.20 and earlier; allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | GENTOO:GLSA-201411-02 | URL:http://security.gentoo.org/glsa/glsa-201411-02.xml | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70487 | URL:http://www.securityfocus.com/bid/70487 | SECUNIA:61579 | URL:http://secunia.com/advisories/61579 | SECUNIA:62073 | URL:http://secunia.com/advisories/62073";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2014-6564;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:70511 | URL:http://www.securityfocus.com/bid/70511";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2014-6568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72210 | URL:http://www.securityfocus.com/bid/72210 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732";Assigned (20140917);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0374;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72227 | URL:http://www.securityfocus.com/bid/72227 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150374(100191) | URL:http://xforce.iss.net/xforce/xfdb/100191";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0381;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0382.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72214 | URL:http://www.securityfocus.com/bid/72214 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150381(100185) | URL:http://xforce.iss.net/xforce/xfdb/100185";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0382;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication; a different vulnerability than CVE-2015-0381.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72200 | URL:http://www.securityfocus.com/bid/72200 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150382(100184) | URL:http://xforce.iss.net/xforce/xfdb/100184";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0385;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | BID:72229 | URL:http://www.securityfocus.com/bid/72229 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150385(100190) | URL:http://xforce.iss.net/xforce/xfdb/100190";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.38;5;5;38;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.19;5;6;19;CVE-2015-0391;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier; and 5.6.19 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | BID:72205 | URL:http://www.securityfocus.com/bid/72205 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150391(100186) | URL:http://xforce.iss.net/xforce/xfdb/100186";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0405;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0409;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | BID:72223 | URL:http://www.securityfocus.com/bid/72223 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | XF:oracle-cpujan2015-cve20150409(100188) | URL:http://xforce.iss.net/xforce/xfdb/100188";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72191 | URL:http://www.securityfocus.com/bid/72191 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.21;5;6;21;CVE-2015-0411;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier; and 5.6.21 and earlier; allows remote attackers to affect confidentiality; integrity; and availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72191 | URL:http://www.securityfocus.com/bid/72191 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150411(100183) | URL:http://xforce.iss.net/xforce/xfdb/100183";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0423;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2015-0432;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3135 | URL:http://www.debian.org/security/2015/dsa-3135 | FEDORA:FEDORA-2015-1162 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.html | GENTOO:GLSA-201504-05 | URL:https://security.gentoo.org/glsa/201504-05 | REDHAT:RHSA-2015:0116 | URL:http://rhn.redhat.com/errata/RHSA-2015-0116.html | REDHAT:RHSA-2015:0117 | URL:http://rhn.redhat.com/errata/RHSA-2015-0117.html | REDHAT:RHSA-2015:0118 | URL:http://rhn.redhat.com/errata/RHSA-2015-0118.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0743 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html | UBUNTU:USN-2480-1 | URL:http://www.ubuntu.com/usn/USN-2480-1 | BID:72217 | URL:http://www.securityfocus.com/bid/72217 | SECTRACK:1031581 | URL:http://www.securitytracker.com/id/1031581 | SECUNIA:62728 | URL:http://secunia.com/advisories/62728 | SECUNIA:62730 | URL:http://secunia.com/advisories/62730 | SECUNIA:62732 | URL:http://secunia.com/advisories/62732 | XF:oracle-cpujan2015-cve20150432(100187) | URL:http://xforce.iss.net/xforce/xfdb/100187";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0433;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to InnoDB : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0438;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0439;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-4756.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74085 | URL:http://www.securityfocus.com/bid/74085 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-0441;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Encryption.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0498;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0499;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Federated.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0500;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | BID:74081 | URL:http://www.securityfocus.com/bid/74081 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0501;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0503;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74112 | URL:http://www.securityfocus.com/bid/74112 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0505;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74112 | URL:http://www.securityfocus.com/bid/74112 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0506;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB; a different vulnerability than CVE-2015-0508.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0507;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0508;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0506.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-0511;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20141217);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-2566;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-2567;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74073 | URL:http://www.securityfocus.com/bid/74073 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-2568;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74073 | URL:http://www.securityfocus.com/bid/74073 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74095 | URL:http://www.securityfocus.com/bid/74095 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-2571;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5543-release-notes/ | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | MANDRIVA:MDVSA-2015:227 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2015:227 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74095 | URL:http://www.securityfocus.com/bid/74095 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.41;5;5;41;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74078 | URL:http://www.securityfocus.com/bid/74078 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-2573;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier; and 5.6.22 and earlier; allows remote authenticated users to affect availability via vectors related to DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | DEBIAN:DSA-3229 | URL:http://www.debian.org/security/2015/dsa-3229 | GENTOO:GLSA-201507-19 | URL:https://security.gentoo.org/glsa/201507-19 | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:SUSE-SU-2015:0946 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html | UBUNTU:USN-2575-1 | URL:http://www.ubuntu.com/usn/USN-2575-1 | BID:74078 | URL:http://www.securityfocus.com/bid/74078 | SECTRACK:1032121 | URL:http://www.securitytracker.com/id/1032121";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2582;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75751 | URL:http://www.securityfocus.com/bid/75751";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2611;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75762 | URL:http://www.securityfocus.com/bid/75762";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2617;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality; integrity; and availability via unknown vectors related to Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75774 | URL:http://www.securityfocus.com/bid/75774";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-2620;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75837 | URL:http://www.securityfocus.com/bid/75837";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2639;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75760 | URL:http://www.securityfocus.com/bid/75760";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2641;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75815 | URL:http://www.securityfocus.com/bid/75815";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2643;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75830 | URL:http://www.securityfocus.com/bid/75830";Assigned (20150320);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2648;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75822 | URL:http://www.securityfocus.com/bid/75822";Assigned (20150320);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-2661;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows local users to affect availability via unknown vectors related to Client.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75813 | URL:http://www.securityfocus.com/bid/75813";Assigned (20150320);"None (candidate not yet proposed)";
+5.7.2;5;7;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
+6.1.2;6;1;2;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-3152;Candidate;"Oracle MySQL before 5.7.3; Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3; and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; aka a ""BACKRONYM"" attack.";"BUGTRAQ:20150429 [oCERT-2015-003] MySQL SSL/TLS downgrade | URL:http://www.securityfocus.com/archive/1/archive/1/535397/100/1100/threaded | MISC:http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/ | MISC:http://www.ocert.org/advisories/ocert-2015-003.html | MISC:https://www.duosecurity.com/blog/backronym-mysql-vulnerability | MISC:http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html | CONFIRM:http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/ | CONFIRM:https://access.redhat.com/security/cve/cve-2015-3152 | CONFIRM:https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390 | CONFIRM:https://jira.mariadb.org/browse/MDEV-7937 | FEDORA:FEDORA-2015-10831 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html | FEDORA:FEDORA-2015-10849 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html | BID:74398 | URL:http://www.securityfocus.com/bid/74398 | SECTRACK:1032216 | URL:http://www.securitytracker.com/id/1032216";Assigned (20150410);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4737;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier; and 5.6.23 and earlier; allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75802 | URL:http://www.securityfocus.com/bid/75802";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4752;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to Server : I_S.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3308 | URL:http://www.debian.org/security/2015/dsa-3308 | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75849 | URL:http://www.securityfocus.com/bid/75849";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.22;5;6;22;CVE-2015-4756;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB; a different vulnerability than CVE-2015-0439.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | BID:75785 | URL:http://www.securityfocus.com/bid/75785";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.42;5;5;42;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4757;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | REDHAT:RHSA-2015:1629 | URL:http://rhn.redhat.com/errata/RHSA-2015-1629.html | REDHAT:RHSA-2015:1628 | URL:http://rhn.redhat.com/errata/RHSA-2015-1628.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75759 | URL:http://www.securityfocus.com/bid/75759";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4761;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75770 | URL:http://www.securityfocus.com/bid/75770";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4766;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect availability via unknown vectors related to Server : Security : Firewall.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77232 | URL:http://www.securityfocus.com/bid/77232 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4767;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4769.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75844 | URL:http://www.securityfocus.com/bid/75844";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4769;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall; a different vulnerability than CVE-2015-4767.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75753 | URL:http://www.securityfocus.com/bid/75753";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4771;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75835 | URL:http://www.securityfocus.com/bid/75835";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4772;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html | REDHAT:RHSA-2015:1630 | URL:http://rhn.redhat.com/errata/RHSA-2015-1630.html | SUSE:openSUSE-SU-2015:1629 | URL:http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html | UBUNTU:USN-2674-1 | URL:http://www.ubuntu.com/usn/USN-2674-1 | BID:75781 | URL:http://www.securityfocus.com/bid/75781";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4791;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77213 | URL:http://www.securityfocus.com/bid/77213 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77171 | URL:http://www.securityfocus.com/bid/77171 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4792;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4802.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77171 | URL:http://www.securityfocus.com/bid/77171 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4800;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77216 | URL:http://www.securityfocus.com/bid/77216 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77165 | URL:http://www.securityfocus.com/bid/77165 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4802;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition; a different vulnerability than CVE-2015-4792.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77165 | URL:http://www.securityfocus.com/bid/77165 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77222 | URL:http://www.securityfocus.com/bid/77222 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4815;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77222 | URL:http://www.securityfocus.com/bid/77222 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.44;5;5;44;CVE-2015-4816;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77134 | URL:http://www.securityfocus.com/bid/77134 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.44;5;5;44;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77196 | URL:http://www.securityfocus.com/bid/77196 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4819;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client programs.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77196 | URL:http://www.securityfocus.com/bid/77196 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77237 | URL:http://www.securityfocus.com/bid/77237 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4826;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77237 | URL:http://www.securityfocus.com/bid/77237 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77228 | URL:http://www.securityfocus.com/bid/77228 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4830;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77228 | URL:http://www.securityfocus.com/bid/77228 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4833;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77170 | URL:http://www.securityfocus.com/bid/77170 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77190 | URL:http://www.securityfocus.com/bid/77190 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4836;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : SP.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77190 | URL:http://www.securityfocus.com/bid/77190 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77145 | URL:http://www.securityfocus.com/bid/77145 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4858;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via vectors related to DML; a different vulnerability than CVE-2015-4913.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77145 | URL:http://www.securityfocus.com/bid/77145 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77137 | URL:http://www.securityfocus.com/bid/77137 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4861;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77137 | URL:http://www.securityfocus.com/bid/77137 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4862;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77147 | URL:http://www.securityfocus.com/bid/77147 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.43;5;5;43;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77187 | URL:http://www.securityfocus.com/bid/77187 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.24;5;6;24;CVE-2015-4864;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77187 | URL:http://www.securityfocus.com/bid/77187 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4866;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77132 | URL:http://www.securityfocus.com/bid/77132 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77208 | URL:http://www.securityfocus.com/bid/77208 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4870;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier; and 5.6.26 and earlier; allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.";"MISC:http://packetstormsecurity.com/files/137232/MySQL-Procedure-Analyse-Denial-Of-Service.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77208 | URL:http://www.securityfocus.com/bid/77208 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.44;5;5;44;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77140 | URL:http://www.securityfocus.com/bid/77140 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4879;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier; and 5.6.25 and earlier; allows remote authenticated users to affect confidentiality; integrity; and availability via vectors related to DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77140 | URL:http://www.securityfocus.com/bid/77140 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4890;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Replication.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77231 | URL:http://www.securityfocus.com/bid/77231 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4895;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77136 | URL:http://www.securityfocus.com/bid/77136 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2015-4904;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to libmysqld.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77219 | URL:http://www.securityfocus.com/bid/77219 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.23;5;6;23;CVE-2015-4905;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | BID:77143 | URL:http://www.securityfocus.com/bid/77143 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4910;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77234 | URL:http://www.securityfocus.com/bid/77234 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77153 | URL:http://www.securityfocus.com/bid/77153 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2015-4913;Candidate;"Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML; a different vulnerability than CVE-2015-4858.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3385 | URL:http://www.debian.org/security/2015/dsa-3385 | DEBIAN:DSA-3377 | URL:http://www.debian.org/security/2015/dsa-3377 | FEDORA:FEDORA-2016-e30164d0a2 | URL:http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2015:2244 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html | SUSE:openSUSE-SU-2015:2246 | URL:http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html | UBUNTU:USN-2781-1 | URL:http://www.ubuntu.com/usn/USN-2781-1 | BID:77153 | URL:http://www.securityfocus.com/bid/77153 | SECTRACK:1033894 | URL:http://www.securitytracker.com/id/1033894";Assigned (20150624);"None (candidate not yet proposed)";
+5.6.27;5;6;27;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+2.17.0;2;17;0;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+10.0.21;10;0;21;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+2.21.1;2;21;1;CVE-2015-5969;Candidate;"The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.";"CONFIRM:https://bugzilla.suse.com/957174 | SUSE:SUSE-SU-2016:0296 | URL:https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:0368 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html | SUSE:openSUSE-SU-2016:0379 | URL:http://lists.opensuse.org/opensuse-updates/2016-02/msg00050.html";Assigned (20150812);"None (candidate not yet proposed)";
+5.4.42;5;4;42;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
+5.5.26;5;5;26;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
+5.6.10;5;6;10;CVE-2015-8838;Candidate;"ext/mysqlnd/mysqlnd.c in PHP before 5.4.43; 5.5.x before 5.5.27; and 5.6.x before 5.6.11 uses a client SSL option to mean that SSL is optional; which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack; a related issue to CVE-2015-3152.";"CONFIRM:http://git.php.net/?p=php-src.git;a=commit;h=97aa752fee61fccdec361279adbfb17a3c60f3f4 | CONFIRM:http://php.net/ChangeLog-5.php | CONFIRM:https://bugs.php.net/bug.php?id=69669 | SUSE:SUSE-SU-2016:1145 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html | SUSE:SUSE-SU-2016:1166 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html | SUSE:openSUSE-SU-2016:1167 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html | SUSE:openSUSE-SU-2016:1173 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html | UBUNTU:USN-2952-1 | URL:http://www.ubuntu.com/usn/USN-2952-1 | UBUNTU:USN-2952-2 | URL:http://www.ubuntu.com/usn/USN-2952-2";Assigned (20160331);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.7.8;5;7;8;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.5.46;5;5;46;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+10.0.22;10;0;22;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+10.1.9;10;1;9;CVE-2016-0546;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier; 5.6.27 and earlier; and 5.7.9 and MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10 allows local users to affect confidentiality; integrity; and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.";"CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1301493 | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-28.html | CONFIRM:https://github.com/mysql/mysql-server/commit/0dbd5a8797ed4bd18e8b883988fb62177eb0f73f | CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3459 | URL:http://www.debian.org/security/2016/dsa-3459 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:0367 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:openSUSE-SU-2016:0377 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html | UBUNTU:USN-2881-1 | URL:http://www.ubuntu.com/usn/USN-2881-1 | BID:81066 | URL:http://www.securityfocus.com/bid/81066 | SECTRACK:1034708 | URL:http://www.securitytracker.com/id/1034708";Assigned (20151209);"None (candidate not yet proposed)";
+5.5.46;5;5;46;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+10.0.22;10;0;22;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+10.1.9;10;1;9;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.5.47;5;5;47;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.6.28;5;6;28;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.7.10;5;7;10;CVE-2016-2047;Candidate;"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47; 10.0.x before 10.0.23; and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate; which allows man-in-the-middle attackers to spoof SSL servers via a ""/CN="" string in a field in a certificate; as demonstrated by ""/OU=/CN=bar.com/CN=foo.com.""";"MLIST:[oss-security] 20160126 Flaw in mariadb clients SSL certificate validation | URL:http://www.openwall.com/lists/oss-security/2016/01/26/3 | CONFIRM:https://mariadb.atlassian.net/browse/MDEV-9212 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mdb-10023-rn/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | DEBIAN:DSA-3453 | URL:http://www.debian.org/security/2016/dsa-3453 | DEBIAN:DSA-3557 | URL:http://www.debian.org/security/2016/dsa-3557 | REDHAT:RHSA-2016:0534 | URL:http://rhn.redhat.com/errata/RHSA-2016-0534.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | SUSE:openSUSE-SU-2016:1686 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html | SUSE:SUSE-SU-2016:1619 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html | SUSE:SUSE-SU-2016:1620 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html | SUSE:openSUSE-SU-2016:1664 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html | SUSE:SUSE-SU-2016:1279 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html | SUSE:openSUSE-SU-2016:1332 | URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html | UBUNTU:USN-2953-1 | URL:http://www.ubuntu.com/usn/USN-2953-1 | UBUNTU:USN-2954-1 | URL:http://www.ubuntu.com/usn/USN-2954-1 | BID:81810 | URL:http://www.securityfocus.com/bid/81810 | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160122);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3424;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91976 | URL:http://www.securityfocus.com/bid/91976";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91910 | URL:http://www.securityfocus.com/bid/91910";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.47;5;5;47;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.28;5;6;28;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.9;5;7;9;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.24;10;0;24;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.13;10;1;13;CVE-2016-3452;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.10 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91999 | URL:http://www.securityfocus.com/bid/91999";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.24;10;0;24;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.13;10;1;13;CVE-2016-3459;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91943 | URL:http://www.securityfocus.com/bid/91943";Assigned (20160317);"None (candidate not yet proposed)";
+3.0.25;3;0;25;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";
+3.1.2;3;1;2;CVE-2016-3461;Candidate;"Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality; integrity; and availability via vectors related to Monitoring: Server.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html | SECTRACK:1035606 | URL:http://www.securitytracker.com/id/1035606";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.45;5;5;45;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.26;5;6;26;CVE-2016-3471;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Option.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91913 | URL:http://www.securityfocus.com/bid/91913";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-3477;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Parser.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91902 | URL:http://www.securityfocus.com/bid/91902";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3486;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91980 | URL:http://www.securityfocus.com/bid/91980";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-3492;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93650 | URL:http://www.securityfocus.com/bid/93650";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-3495;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93670 | URL:http://www.securityfocus.com/bid/93670";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3501;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91949 | URL:http://www.securityfocus.com/bid/91949";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3518;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91967 | URL:http://www.securityfocus.com/bid/91967";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-3521;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91932 | URL:http://www.securityfocus.com/bid/91932";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3588;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91983 | URL:http://www.securityfocus.com/bid/91983";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-3614;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91992 | URL:http://www.securityfocus.com/bid/91992";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-3615;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91960 | URL:http://www.securityfocus.com/bid/91960";Assigned (20160317);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5436;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91906 | URL:http://www.securityfocus.com/bid/91906";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5437;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91917 | URL:http://www.securityfocus.com/bid/91917";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5439;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91969 | URL:http://www.securityfocus.com/bid/91969";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.29;5;6;29;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.49;5;5;49;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
+10.0.25;10;0;25;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
+10.1.14;10;1;14;CVE-2016-5440;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier; 5.6.30 and earlier; and 5.7.12 and earlier and MariaDB before 5.5.50; 10.0.x before 10.0.26; and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | DEBIAN:DSA-3624 | URL:http://www.debian.org/security/2016/dsa-3624 | DEBIAN:DSA-3632 | URL:http://www.debian.org/security/2016/dsa-3632 | REDHAT:RHSA-2016:1601 | URL:http://rhn.redhat.com/errata/RHSA-2016-1601.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | REDHAT:RHSA-2016:1603 | URL:http://rhn.redhat.com/errata/RHSA-2016-1603.html | REDHAT:RHSA-2016:1604 | URL:http://rhn.redhat.com/errata/RHSA-2016-1604.html | REDHAT:RHSA-2016:1637 | URL:http://rhn.redhat.com/errata/RHSA-2016-1637.html | SUSE:openSUSE-SU-2016:2278 | URL:http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91953 | URL:http://www.securityfocus.com/bid/91953";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5441;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91915 | URL:http://www.securityfocus.com/bid/91915";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5442;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91974 | URL:http://www.securityfocus.com/bid/91974";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-5443;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | UBUNTU:USN-3040-1 | URL:http://www.ubuntu.com/usn/USN-3040-1 | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91963 | URL:http://www.securityfocus.com/bid/91963";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.47;5;5;47;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.28;5;6;28;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.10;5;7;10;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.48;5;5;48;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
+10.0.24;10;0;24;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
+10.1.13;10;1;13;CVE-2016-5444;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier; 5.6.29 and earlier; and 5.7.11 and earlier and MariaDB before 5.5.49; 10.0.x before 10.0.25; and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/ | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 | CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html | REDHAT:RHSA-2016:0705 | URL:http://rhn.redhat.com/errata/RHSA-2016-0705.html | REDHAT:RHSA-2016:1602 | URL:http://rhn.redhat.com/errata/RHSA-2016-1602.html | BID:91787 | URL:http://www.securityfocus.com/bid/91787 | BID:91987 | URL:http://www.securityfocus.com/bid/91987";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93678 | URL:http://www.securityfocus.com/bid/93678";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5507;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93678 | URL:http://www.securityfocus.com/bid/93678";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.52;5;5;52;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.33;5;6;33;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.15;5;7;15;CVE-2016-5584;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier; 5.6.33 and earlier; and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | DEBIAN:DSA-3706 | URL:http://www.debian.org/security/2016/dsa-3706 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93735 | URL:http://www.securityfocus.com/bid/93735";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5625;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality; integrity; and availability via vectors related to Server: Packaging.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93617 | URL:http://www.securityfocus.com/bid/93617";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93642 | URL:http://www.securityfocus.com/bid/93642";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5627;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93642 | URL:http://www.securityfocus.com/bid/93642";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5628;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93662 | URL:http://www.securityfocus.com/bid/93662";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5629;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93668 | URL:http://www.securityfocus.com/bid/93668";Assigned (20160616);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93674 | URL:http://www.securityfocus.com/bid/93674";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5630;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93674 | URL:http://www.securityfocus.com/bid/93674";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5631;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93684 | URL:http://www.securityfocus.com/bid/93684";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-5632;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93693 | URL:http://www.securityfocus.com/bid/93693";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5633;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-8290.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93702 | URL:http://www.securityfocus.com/bid/93702";Assigned (20160616);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-5635;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93715 | URL:http://www.securityfocus.com/bid/93715";Assigned (20160616);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.50;5;5;50;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+10.0.26;10;0;26;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+10.1.16;10;1;16;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-6662;Candidate;"Oracle MySQL through 5.5.52; 5.6.x through 5.6.33; and 5.7.x through 5.7.15; MariaDB before 5.5.51; 10.0.x before 10.0.27; and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1; 5.6.x before 5.6.32-78.0; and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52; 5.6.33; and 5.7.15.";"EXPLOIT-DB:40360 | URL:https://www.exploit-db.com/exploits/40360/ | FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://seclists.org/fulldisclosure/2016/Sep/23 | MLIST:[oss-security] 20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/09/12/3 | MISC:http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html | CONFIRM:https://jira.mariadb.org/browse/MDEV-10465 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5551-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/09/12/percona-server-critical-update-cve-2016-6662/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | DEBIAN:DSA-3666 | URL:http://www.debian.org/security/2016/dsa-3666 | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:92912 | URL:http://www.securityfocus.com/bid/92912";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+8.0.0;8;0;0;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+10.0.27;10;0;27;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+10.1.17;10;1;17;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.50;5;5;50;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2016-6663;Candidate;"Race condition in Oracle MySQL before 5.5.52; 5.6.x before 5.6.33; 5.7.x before 5.7.15; and 8.x before 8.0.1; MariaDB before 5.5.52; 10.0.x before 10.0.28; and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.";"EXPLOIT-DB:40678 | URL:https://www.exploit-db.com/exploits/40678/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MLIST:[oss-security] 20161025 Re: CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) | URL:http://www.openwall.com/lists/oss-security/2016/10/25/4 | MISC:https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-33.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html | CONFIRM:https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-1.html | CONFIRM:https://github.com/MariaDB/server/commit/347eeefbfc658c8531878218487d729f4e020805 | CONFIRM:https://github.com/mysql/mysql-server/commit/4e5473862e6852b0f3802b0cd0c6fa10b5253291 | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:92911 | URL:http://www.securityfocus.com/bid/92911 | BID:93614 | URL:http://www.securityfocus.com/bid/93614";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.50;5;5;50;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.5.40;5;5;40;CVE-2016-6664;Candidate;"mysqld_safe in Oracle MySQL through 5.5.51; 5.6.x through 5.6.32; and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2; 5.6.x before 5.6.32-78-1; and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0; 5.6.x before 5.6.32-25.17; and 5.7.x before 5.7.14-26.17; when using file-based logging; allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.";"BUGTRAQ:20161104 MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 ) | URL:http://www.securityfocus.com/archive/1/archive/1/539695/100/0/threaded | EXPLOIT-DB:40679 | URL:https://www.exploit-db.com/exploits/40679/ | FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] | URL:http://seclists.org/fulldisclosure/2016/Nov/4 | MISC:http://legalhackers.com/advisories/MySQL-Maria-Percona-RootPrivEsc-CVE-2016-6664-5617-Exploit.html | MISC:http://packetstormsecurity.com/files/139491/MySQL-MariaDB-PerconaDB-Root-Privilege-Escalation.html | CONFIRM:https://www.percona.com/blog/2016/11/02/percona-responds-to-cve-2016-6663-and-cve-2016-6664/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | BID:93612 | URL:http://www.securityfocus.com/bid/93612";Assigned (20160810);"None (candidate not yet proposed)";
+5.6.25;5;6;25;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | BID:93005 | URL:http://www.securityfocus.com/bid/93005";Assigned (20160909);"None (candidate not yet proposed)";
+7.0.10;7;0;10;CVE-2016-7412;Candidate;"ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag; which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata.";"MLIST:[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11 | URL:http://www.openwall.com/lists/oss-security/2016/09/15/10 | CONFIRM:http://www.php.net/ChangeLog-5.php | CONFIRM:http://www.php.net/ChangeLog-7.php | CONFIRM:https://bugs.php.net/bug.php?id=72293 | CONFIRM:https://github.com/php/php-src/commit/28f80baf3c53e267c9ce46a2a0fadbb981585132?w=1 | BID:93005 | URL:http://www.securityfocus.com/bid/93005";Assigned (20160909);"None (candidate not yet proposed)";
+5.5.51;5;5;51;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.32;5;6;32;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-8283;Candidate;"Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier; 5.6.32 and earlier; and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ | CONFIRM:https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93737 | URL:http://www.securityfocus.com/bid/93737";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.31;5;6;31;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93755 | URL:http://www.securityfocus.com/bid/93755";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8284;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93755 | URL:http://www.securityfocus.com/bid/93755";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.14;5;7;14;CVE-2016-8286;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93745 | URL:http://www.securityfocus.com/bid/93745";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8287;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93727 | URL:http://www.securityfocus.com/bid/93727";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.30;5;6;30;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93740 | URL:http://www.securityfocus.com/bid/93740";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.12;5;7;12;CVE-2016-8288;Candidate;"Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93740 | URL:http://www.securityfocus.com/bid/93740";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8289;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93720 | URL:http://www.securityfocus.com/bid/93720";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.13;5;7;13;CVE-2016-8290;Candidate;"Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema; a different vulnerability than CVE-2016-5633.";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html | GENTOO:GLSA-201701-01 | URL:https://security.gentoo.org/glsa/201701-01 | BID:93733 | URL:http://www.securityfocus.com/bid/93733";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95580 | URL:http://www.securityfocus.com/bid/95580";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2016-8318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.8 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95580 | URL:http://www.securityfocus.com/bid/95580";Assigned (20160926);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95557 | URL:http://www.securityfocus.com/bid/95557";Assigned (20160926);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2016-8327;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95557 | URL:http://www.securityfocus.com/bid/95557";Assigned (20160926);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95571 | URL:http://www.securityfocus.com/bid/95571";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95571 | URL:http://www.securityfocus.com/bid/95571";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3238;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95571 | URL:http://www.securityfocus.com/bid/95571";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3243;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95538 | URL:http://www.securityfocus.com/bid/95538";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95565 | URL:http://www.securityfocus.com/bid/95565";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95565 | URL:http://www.securityfocus.com/bid/95565";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3244;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95565 | URL:http://www.securityfocus.com/bid/95565";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3251;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.9 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95482 | URL:http://www.securityfocus.com/bid/95482";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3256;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95486 | URL:http://www.securityfocus.com/bid/95486";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95589 | URL:http://www.securityfocus.com/bid/95589";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3257;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95589 | URL:http://www.securityfocus.com/bid/95589";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95560 | URL:http://www.securityfocus.com/bid/95560";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95560 | URL:http://www.securityfocus.com/bid/95560";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3258;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95560 | URL:http://www.securityfocus.com/bid/95560";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95520 | URL:http://www.securityfocus.com/bid/95520";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95520 | URL:http://www.securityfocus.com/bid/95520";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3265;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95520 | URL:http://www.securityfocus.com/bid/95520";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95583 | URL:http://www.securityfocus.com/bid/95583";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3273;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95583 | URL:http://www.securityfocus.com/bid/95583";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95501 | URL:http://www.securityfocus.com/bid/95501";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95501 | URL:http://www.securityfocus.com/bid/95501";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3291;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.3 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95501 | URL:http://www.securityfocus.com/bid/95501";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.55;5;5;55;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97023 | URL:http://www.securityfocus.com/bid/97023";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3305;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97023 | URL:http://www.securityfocus.com/bid/97023";Assigned (20161206);"None (candidate not yet proposed)";
+3.1.6;3;1;6;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724";Assigned (20161206);"None (candidate not yet proposed)";
+3.2.1182;3;2;1182;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724";Assigned (20161206);"None (candidate not yet proposed)";
+3.3.2;3;3;2;CVE-2017-3306;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation; deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97724 | URL:http://www.securityfocus.com/bid/97724";Assigned (20161206);"None (candidate not yet proposed)";
+3.1.6;3;1;6;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844";Assigned (20161206);"None (candidate not yet proposed)";
+3.2.1182;3;2;1182;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844";Assigned (20161206);"None (candidate not yet proposed)";
+3.3.2;3;3;2;CVE-2017-3307;Candidate;"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier; 3.2.1182 and earlier and 3.3.2.1162 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 3.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97844 | URL:http://www.securityfocus.com/bid/97844";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97725 | URL:http://www.securityfocus.com/bid/97725";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97725 | URL:http://www.securityfocus.com/bid/97725";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3308;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97725 | URL:http://www.securityfocus.com/bid/97725";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97742 | URL:http://www.securityfocus.com/bid/97742";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97742 | URL:http://www.securityfocus.com/bid/97742";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3309;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server; attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97742 | URL:http://www.securityfocus.com/bid/97742";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95491 | URL:http://www.securityfocus.com/bid/95491";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95491 | URL:http://www.securityfocus.com/bid/95491";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3312;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality; Integrity and Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95491 | URL:http://www.securityfocus.com/bid/95491";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95527 | URL:http://www.securityfocus.com/bid/95527";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95527 | URL:http://www.securityfocus.com/bid/95527";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3313;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95527 | URL:http://www.securityfocus.com/bid/95527";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95585 | URL:http://www.securityfocus.com/bid/95585";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95585 | URL:http://www.securityfocus.com/bid/95585";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3317;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.0 (Availability impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95585 | URL:http://www.securityfocus.com/bid/95585";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.53;5;5;53;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95588 | URL:http://www.securityfocus.com/bid/95588";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.34;5;6;34;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95588 | URL:http://www.securityfocus.com/bid/95588";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3318;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). Supported versions that are affected are 5.5.53 and earlier; 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.0 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95588 | URL:http://www.securityfocus.com/bid/95588";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3319;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95479 | URL:http://www.securityfocus.com/bid/95479";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.16;5;7;16;CVE-2017-3320;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 2.4 (Confidentiality impacts).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html | BID:95470 | URL:http://www.securityfocus.com/bid/95470";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97763 | URL:http://www.securityfocus.com/bid/97763";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97763 | URL:http://www.securityfocus.com/bid/97763";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3329;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97763 | URL:http://www.securityfocus.com/bid/97763";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.11;5;7;11;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97772 | URL:http://www.securityfocus.com/bid/97772";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3331;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11 to 5.7.17. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97772 | URL:http://www.securityfocus.com/bid/97772";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97747 | URL:http://www.securityfocus.com/bid/97747";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3450;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97747 | URL:http://www.securityfocus.com/bid/97747";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3452;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.35 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97779 | URL:http://www.securityfocus.com/bid/97779";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97776 | URL:http://www.securityfocus.com/bid/97776";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97776 | URL:http://www.securityfocus.com/bid/97776";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3453;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97776 | URL:http://www.securityfocus.com/bid/97776";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3454;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97791 | URL:http://www.securityfocus.com/bid/97791";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3455;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97820 | URL:http://www.securityfocus.com/bid/97820";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97831 | URL:http://www.securityfocus.com/bid/97831";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97831 | URL:http://www.securityfocus.com/bid/97831";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3456;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97831 | URL:http://www.securityfocus.com/bid/97831";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3457;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97845 | URL:http://www.securityfocus.com/bid/97845";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3458;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97837 | URL:http://www.securityfocus.com/bid/97837";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3459;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97847 | URL:http://www.securityfocus.com/bid/97847";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3460;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97826 | URL:http://www.securityfocus.com/bid/97826";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97812 | URL:http://www.securityfocus.com/bid/97812";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97812 | URL:http://www.securityfocus.com/bid/97812";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3461;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97812 | URL:http://www.securityfocus.com/bid/97812";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97851 | URL:http://www.securityfocus.com/bid/97851";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97851 | URL:http://www.securityfocus.com/bid/97851";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3462;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97851 | URL:http://www.securityfocus.com/bid/97851";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97849 | URL:http://www.securityfocus.com/bid/97849";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97849 | URL:http://www.securityfocus.com/bid/97849";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3463;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97849 | URL:http://www.securityfocus.com/bid/97849";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97818 | URL:http://www.securityfocus.com/bid/97818";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97818 | URL:http://www.securityfocus.com/bid/97818";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3464;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97818 | URL:http://www.securityfocus.com/bid/97818";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3465;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97822 | URL:http://www.securityfocus.com/bid/97822";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3467;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97825 | URL:http://www.securityfocus.com/bid/97825";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3468;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update; insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97848 | URL:http://www.securityfocus.com/bid/97848";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97754 | URL:http://www.securityfocus.com/bid/97754";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3599;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.";"MISC:https://www.secforce.com/blog/2017/04/cve-2017-3599-pre-auth-mysql-remote-dos/ | CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97754 | URL:http://www.securityfocus.com/bid/97754";Assigned (20161206);"None (candidate not yet proposed)";
+5.5.54;5;5;54;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97765 | URL:http://www.securityfocus.com/bid/97765";Assigned (20161206);"None (candidate not yet proposed)";
+5.6.35;5;6;35;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97765 | URL:http://www.securityfocus.com/bid/97765";Assigned (20161206);"None (candidate not yet proposed)";
+5.7.17;5;7;17;CVE-2017-3600;Candidate;"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier; 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality; Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).";"CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | BID:97765 | URL:http://www.securityfocus.com/bid/97765";Assigned (20161206);"None (candidate not yet proposed)";