mariadb (SUSE:Linux Enterprise Server 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 package mariadb, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (92)
CVE-2015-2325 — CVSS 7.8 (high): The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service…
CVE-2014-6491 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect…
CVE-2014-6500 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect…
CVE-2015-0411 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect…
CVE-2014-0224 — CVSS 7.4 (high): OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages…
CVE-2016-0546 — CVSS 7.2 (high): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2015-4819 — CVSS 7.2 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality…
CVE-2014-6469 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect…
CVE-2014-0195 — CVSS 6.8 (medium): The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not…
CVE-2016-0505 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2014-4258 — CVSS 6.5 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote…
CVE-2014-6555 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect…
CVE-2014-6530 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect…
CVE-2016-0640 — CVSS 6.1 (medium): Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x…
CVE-2015-3152 — CVSS 5.9 (medium): Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to…
CVE-2016-2047 — CVSS 5.9 (medium): The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10…
CVE-2015-0501 — CVSS 5.7 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect…
CVE-2015-2326 — CVSS 5.5 (medium): The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service…
CVE-2016-0666 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x…
CVE-2014-4260 — CVSS 5.5 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote…
CVE-2016-0651 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.
CVE-2016-0650 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x…
CVE-2016-0649 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x…
CVE-2016-0648 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x…
CVE-2016-0647 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x…
CVE-2014-6489 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect integrity and availability…
CVE-2016-0646 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x…
CVE-2016-0644 — CVSS 5.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x…
CVE-2016-0641 — CVSS 5.1 (medium): Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x…
CVE-2014-8964 — CVSS 5.0 (medium): Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified…
CVE-2015-2568 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability…
CVE-2012-5615 — CVSS 5.0 (medium): Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates…
CVE-2016-0642 — CVSS 4.7 (medium): Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect…
CVE-2016-0655 — CVSS 4.7 (medium): Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before…
CVE-2015-4879 — CVSS 4.6 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect…
CVE-2014-6478 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity…
CVE-2014-3470 — CVSS 4.3 (medium): The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an…
CVE-2014-0221 — CVSS 4.3 (medium): The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote…
CVE-2014-0198 — CVSS 4.3 (medium): The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a…
CVE-2015-0382 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability…
CVE-2014-6496 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability…
CVE-2014-6559 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect…
CVE-2014-6495 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability…
CVE-2014-6494 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability…
CVE-2015-0381 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability…
CVE-2014-6507 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect…
CVE-2014-4274 — CVSS 4.1 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality…
CVE-2016-0668 — CVSS 4.1 (medium): Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before…
CVE-2015-4816 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown…
CVE-2015-0433 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect…
CVE-2010-5298 — CVSS 4.0 (medium): Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows…
CVE-2016-0616 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10…
CVE-2015-4826 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect…
CVE-2014-6564 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors…
CVE-2014-4287 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect…
CVE-2014-6464 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect…
CVE-2014-6520 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier allows remote authenticated users to affect availability via vectors…
CVE-2014-6505 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect…
CVE-2014-6484 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect…
CVE-2015-4830 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect…
CVE-2014-4207 — CVSS 4.0 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect…
CVE-2015-4858 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect…
CVE-2015-2573 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect…
CVE-2015-4870 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect…
CVE-2015-0432 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors…
CVE-2015-0441 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect…
CVE-2014-2494 — CVSS 4.0 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect…
CVE-2015-0391 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect…
CVE-2015-4802 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect…
CVE-2016-0596 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and 5.6.27 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and…
CVE-2016-0597 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2015-2571 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect…
CVE-2015-4815 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect…
CVE-2015-0505 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect…
CVE-2015-4807 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote…
CVE-2015-4861 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect…
CVE-2015-4895 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown…
CVE-2015-4913 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect…
CVE-2015-0374 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect…
CVE-2016-0598 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2016-0600 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2016-0606 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2016-0608 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2014-6568 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect…
CVE-2014-6474 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors…
CVE-2015-0499 — CVSS 3.5 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect…
CVE-2014-6463 — CVSS 3.3 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect…
CVE-2016-0643 — CVSS 3.3 (low): Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x…
CVE-2015-4836 — CVSS 2.8 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect…
CVE-2014-6551 — CVSS 2.1 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality via…
CVE-2016-0609 — CVSS 1.7 (low): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2015-4792 — CVSS 1.7 (low): Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect…