Every CVE whose affected-product data names Oracle Mysql, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2012-2750 — CVSS 10.0 (critical): Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533…
CVE-2004-0836 — CVSS 10.0 (critical): Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a…
CVE-2016-0705 — CVSS 9.8 (critical): Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g…
CVE-2020-11656 — CVSS 9.8 (critical): In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a…
CVE-2019-14540 — CVSS 9.8 (critical): A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
CVE-2016-0639 — CVSS 9.8 (critical): Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality…
CVE-2016-9841 — CVSS 9.8 (critical): inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2016-9843 — CVSS 9.8 (critical): The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving…
CVE-2016-6662 — CVSS 9.8 (critical): Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x…
CVE-2003-0780 — CVSS 9.0 (critical): Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE…
CVE-2012-3163 — CVSS 9.0 (critical): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote…
CVE-2003-0150 — CVSS 9.0 (critical): MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE"…
CVE-2016-9842 — CVSS 8.8 (high): The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors…
CVE-2016-9840 — CVSS 8.8 (high): inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2005-2572 — CVSS 8.5 (high): MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of…
CVE-2009-2446 — CVSS 8.5 (high): Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83…
CVE-2016-3477 — CVSS 8.1 (high): Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x…
CVE-2020-14878 — CVSS 8.0 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected…
CVE-2002-0969 — CVSS 7.8 (high): Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute…
CVE-2018-3155 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.23…
CVE-2017-3308 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.54…
CVE-2020-5258 — CVSS 7.7 (high): In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the…
CVE-2018-2755 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2017-3309 — CVSS 7.7 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2016-3440 — CVSS 7.7 (high): Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related…
CVE-2019-2632 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected…
CVE-2020-5398 — CVSS 7.5 (high): In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is…
CVE-2002-1923 — CVSS 7.5 (high): The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow…
CVE-2024-21272 — CVSS 7.5 (high): Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0…
CVE-2012-0882 — CVSS 7.5 (high): Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows…
CVE-2002-1921 — CVSS 7.5 (high): The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface…
CVE-2002-1809 — CVSS 7.5 (high): The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote…
CVE-2012-3158 — CVSS 7.5 (high): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers…
CVE-2001-1453 — CVSS 7.5 (high): Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host…
CVE-2001-1454 — CVSS 7.5 (high): Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
CVE-2002-1376 — CVSS 7.5 (high): libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in…
CVE-2017-10155 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected…
CVE-2009-4484 — CVSS 7.5 (high): Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in…
CVE-2002-1375 — CVSS 7.5 (high): The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long…
CVE-2015-0411 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect…
CVE-2016-2105 — CVSS 7.5 (high): Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote…
CVE-2020-11655 — CVSS 7.5 (high): SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the…
CVE-2018-2696 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are…
CVE-2014-6500 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect…
CVE-2014-6491 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect…
CVE-2001-1274 — CVSS 7.5 (high): Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
CVE-2002-1374 — CVSS 7.5 (high): The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force…
CVE-2019-2822 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Admin / InnoDB Cluster). Supported versions that are…
CVE-2004-0835 — CVSS 7.5 (high): MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original…
CVE-2016-3471 — CVSS 7.5 (high): Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality…
CVE-2000-0148 — CVSS 7.5 (high): MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
CVE-2017-3302 — CVSS 7.5 (high): Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x…
CVE-2013-1492 — CVSS 7.5 (high): Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a…
CVE-2008-0226 — CVSS 7.5 (high): Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute…
CVE-2017-3329 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Thread Pooling). Supported versions that are affected…
CVE-2017-3450 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are…
CVE-2014-0001 — CVSS 7.5 (high): Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service…
CVE-2020-1967 — CVSS 7.5 (high): Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer…
CVE-2012-0553 — CVSS 7.5 (high): Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a…
CVE-2006-2753 — CVSS 7.5 (high): SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary…
CVE-2017-3599 — CVSS 7.5 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected…
CVE-2022-21600 — CVSS 7.2 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27…
CVE-2016-0546 — CVSS 7.2 (high): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2001-1275 — CVSS 7.2 (high): MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from…
CVE-2020-14828 — CVSS 7.2 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and…
CVE-2021-2144 — CVSS 7.2 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.29 and…
CVE-2020-14697 — CVSS 7.2 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected…
CVE-2000-0981 — CVSS 7.2 (high): MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the…
CVE-2015-4819 — CVSS 7.2 (high): Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality…
CVE-2020-14663 — CVSS 7.2 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected…
CVE-2020-14678 — CVSS 7.2 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected…
CVE-2022-21278 — CVSS 7.1 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26…
CVE-2018-3064 — CVSS 7.1 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and…
CVE-2018-2562 — CVSS 7.1 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are…
CVE-2021-35610 — CVSS 7.1 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.26…
CVE-2019-2800 — CVSS 7.1 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2019-2534 — CVSS 7.1 (high): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2022-21351 — CVSS 7.1 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27…
CVE-2023-21980 — CVSS 7.1 (high): Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.41 and…
CVE-2016-6663 — CVSS 7.0 (high): Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x…
CVE-2016-5625 — CVSS 7.0 (high): Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via…
CVE-2016-6664 — CVSS 7.0 (high): mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2…
CVE-2021-2046 — CVSS 6.8 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are…
CVE-2009-4028 — CVSS 6.8 (medium): The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a…
CVE-2016-0505 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before…
CVE-2016-0504 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors…
CVE-2013-0384 — CVSS 6.8 (medium): Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated…
CVE-2012-3177 — CVSS 6.8 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote…
CVE-2013-5860 — CVSS 6.8 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect…
CVE-2013-5882 — CVSS 6.8 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect…
CVE-2013-0389 — CVSS 6.8 (medium): Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated…
CVE-2018-2583 — CVSS 6.8 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are…
CVE-2012-1703 — CVSS 6.8 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote…
CVE-2012-5060 — CVSS 6.8 (medium): Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated…
CVE-2016-8318 — CVSS 6.8 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are…
CVE-2012-1735 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown…
CVE-2013-2395 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors…
CVE-2014-6469 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect…
CVE-2013-0386 — CVSS 6.8 (medium): Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect…
CVE-2009-5026 — CVSS 6.8 (medium): The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which…
CVE-2004-0957 — CVSS 6.8 (medium): Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore)…
CVE-2017-3312 — CVSS 6.7 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are…
CVE-2017-3600 — CVSS 6.6 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are…
CVE-2013-0385 — CVSS 6.6 (medium): Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect…
CVE-2018-3182 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 8.0.12…
CVE-2013-2375 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users…
CVE-2023-22059 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34…
CVE-2013-2378 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users…
CVE-2020-2780 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and…
CVE-2020-14800 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected…
CVE-2024-21196 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.39…
CVE-2016-5609 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect…
CVE-2016-5612 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users…
CVE-2016-5624 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related…
CVE-2016-5626 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users…
CVE-2016-5627 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect…
CVE-2020-2790 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are…
CVE-2006-4227 — CVSS 6.5 (medium): MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of…
CVE-2024-21171 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37…
CVE-2020-14775 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior…
CVE-2020-14769 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49…
CVE-2020-14765 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and…
CVE-2017-10167 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2021-2178 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.32…
CVE-2017-10276 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS). Supported versions that are affected are 5.6.37…
CVE-2022-39410 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30…
CVE-2022-39408 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30…
CVE-2021-2172 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and…
CVE-2017-10378 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2017-10379 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are…
CVE-2017-10384 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57…
CVE-2017-3238 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2017-3244 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.5.53…
CVE-2017-3256 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are…
CVE-2017-3257 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34…
CVE-2017-3258 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.53…
CVE-2017-3273 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34…
CVE-2017-3331 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). The supported version that is affected is 5.7.11…
CVE-2017-3452 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2017-3453 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2022-21635 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior…
CVE-2020-2686 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18…
CVE-2017-3633 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are…
CVE-2017-3634 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.6.36…
CVE-2025-50083 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are…
CVE-2022-21454 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are…
CVE-2014-2436 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect…
CVE-2018-2573 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38…
CVE-2014-2444 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality, integrity…
CVE-2014-2484 — CVSS 6.5 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect…
CVE-2018-2612 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and…
CVE-2018-2622 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58…
CVE-2018-2640 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2665 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2668 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2703 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are…
CVE-2018-2758 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are…
CVE-2022-21358 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected…
CVE-2014-4258 — CVSS 6.5 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote…
CVE-2018-2775 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2025-50082 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are…
CVE-2010-1848 — CVSS 6.5 (medium): Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended…
CVE-2018-2780 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-2782 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and…
CVE-2018-2784 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and…
CVE-2018-2805 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Supported versions that are affected are 5.6.39…
CVE-2018-2817 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59…
CVE-2018-2819 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and…
CVE-2018-3060 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and…
CVE-2018-3065 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22…
CVE-2018-3070 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are…
CVE-2014-6530 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect…
CVE-2018-3073 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2014-6555 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect…
CVE-2018-3133 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61…
CVE-2018-3137 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-3143 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and…
CVE-2018-3145 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 8.0.12…
CVE-2018-3156 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and…
CVE-2018-3203 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2018-3251 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and…
CVE-2020-2627 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.18 and…
CVE-2019-16168 — CVSS 6.5 (medium): In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a…
CVE-2019-2434 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24…
CVE-2019-2455 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42…
CVE-2019-2482 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and…
CVE-2019-2529 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are…
CVE-2024-20985 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and…
CVE-2019-2533 — CVSS 6.5 (medium): Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are…
CVE-2020-2579 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46…
CVE-2015-2617 — CVSS 6.5 (medium): Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity…
CVE-2025-50078 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.42…
CVE-2024-20977 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35…
CVE-2024-20975 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.2.0…
CVE-2024-20973 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35…
CVE-2025-50076 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.25…
CVE-2024-20963 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected…
CVE-2012-4414 — CVSS 6.5 (medium): Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62…
CVE-2024-20961 — CVSS 6.5 (medium): Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35…
CVE-2012-5611 — CVSS 6.5 (medium): Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions…