Download
| Alert*
oval:org.secpod.oval:def:39948
The host is installed with Oracle MySQL Server through 5.5.54 or 5.6.20 or MariaDB through 5.5.54 or 10.0.x through 10.0.29 or 10.1.x through 10.1.21 or 10.2.x through 10.2.3 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to ... oval:org.secpod.oval:def:1800906 CVE-2017-3313: mariaDB 10.1.22 CVE-2017-3302: mariaDB 10.1.22 Reference: oval:org.secpod.oval:def:204592 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb . Security Fix: * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names c ... oval:org.secpod.oval:def:1800971 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:1800972 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:1800965 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:1800966 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:113938 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:45752 The host is installed with MariaDB before 10.1.30 or 10.2.x before 10.2.10 and is prone to an authentication bypass vulnerability. A flaw is present in the application which fails to properly handle sql/event_data_objects.cc component. Successful exploitation allows remote authenticated users with S ... oval:org.secpod.oval:def:111394 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:111383 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:204132 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. ... oval:org.secpod.oval:def:204088 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Security Fix: * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a databa ... oval:org.secpod.oval:def:1800285 CVE-2016-3477: MariaDB 5.5.50, MariaDB 10.1.16 CVE-2016-3521: MariaDB 5.5.50, MariaDB 10.1.16 CVE-2016-3615: MariaDB 5.5.50, MariaDB 10.1.16 CVE-2016-5440: MariaDB 5.5.50, MariaDB 10.1.16 Reference: CVE-2016-6662: MariaDB 5.5.51, MariaDB 10.1.17. Reference: v3.4 should upgrade to 10.1.17 oval:org.secpod.oval:def:501906 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. ... oval:org.secpod.oval:def:1501640 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. ... oval:org.secpod.oval:def:501968 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Security Fix: * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a databa ... oval:org.secpod.oval:def:1600506 It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. A race ... oval:org.secpod.oval:def:1501746 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Security Fix: * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a databa ... oval:org.secpod.oval:def:502114 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb . Security Fix: * It was discovered that the mysql and mysqldump tools did not correctly handle database and table names c ... oval:org.secpod.oval:def:1501990 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:602613 Dawid Golunski discovered that the mysqld_safe wrapper provided by the MySQL database server insufficiently restricted the load path for custom malloc implementations, which could result in privilege escalation. The vulnerability was addressed by upgrading MySQL to the new upstream version 5.5.52, w ... oval:org.secpod.oval:def:37239 The host is installed with mariadb on Fedora 23 or Fedora 24 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle MySQL logging functions. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:602858 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.55, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes oval:org.secpod.oval:def:602571 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.26. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/ oval:org.secpod.oval:def:703261 mysql-5.7: MySQL database - mysql-5.5: MySQL database MySQL could be made to run programs as an administrator. oval:org.secpod.oval:def:37184 The host is installed with MySQL 5.1.73 and earlier on Centos 6, mariadb 5.5.50 and earlier on Centos 7 or MySQL 5.0.95 and earlier on Centos 5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle MySQL logging functions. Successf ... oval:org.secpod.oval:def:602564 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.50 oval:org.secpod.oval:def:1901326 Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR. oval:org.secpod.oval:def:36134 The host is installed with Oracle MySQL 5.5.x through 5.5.49, 5.6.x through 5.6.30 or 5.7.x through 5.7.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows remote authenticated ... oval:org.secpod.oval:def:1800610 CVE-2017-3313: mariaDB 10.1.22 CVE-2017-3302: mariaDB 10.1.22 Reference oval:org.secpod.oval:def:1600461 It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. oval:org.secpod.oval:def:1900561 Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0,and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypas ... oval:org.secpod.oval:def:36125 The host is installed with Oracle MySQL 5.5.x through 5.5.49, 5.6.x through 5.6.30 or 5.7.x through 5.7.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows remote authenticated ... oval:org.secpod.oval:def:37213 The host is installed with MySQL 5.1.73 and earlier on OEL 6, mariadb 5.5.50 and earlier on OEL 7 or MySQL 5.0.95 and earlier on OEL 5 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle MySQL logging functions. Successful exploi ... oval:org.secpod.oval:def:36119 The host is installed with Oracle MySQL 5.5.x through 5.5.49, 5.6.x through 5.6.30 or 5.7.x through 5.7.12 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows local users to ... oval:org.secpod.oval:def:1800514 CVE-2017-3313: mariaDB 10.1.22 CVE-2017-3302: mariaDB 10.1.22 oval:org.secpod.oval:def:602819 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.30. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10030-release-notes/ oval:org.secpod.oval:def:37092 The host is installed with MySQL 5.1.73 and earlier on Red Hat Enterprise Linux 6, mariadb 5.5.50 and earlier on Red Hat Enterprise Linux 7 or mysql55-mysql 5.5.40-2.el5 and earlier and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly ha ... oval:org.secpod.oval:def:37775 The host is installed with Oracle MySQL Server through 5.5.52, 5.6.33 or 5.7.15 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Logging. Successful exploitation allows attackers to affect Confidentiality, Integrity ... oval:org.secpod.oval:def:703579 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:603571 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37. Please see the MariaDB 10.1 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10127-release-notes/ https://mariad ... oval:org.secpod.oval:def:1901312 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption. oval:org.secpod.oval:def:1900581 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to PS. oval:org.secpod.oval:def:1900582 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML. oval:org.secpod.oval:def:1900743 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. oval:org.secpod.oval:def:1600443 It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client. Unspecified vuln ... oval:org.secpod.oval:def:1900502 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to PS. oval:org.secpod.oval:def:203888 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: MariaDB . Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. Security Fix: * It wa ... oval:org.secpod.oval:def:1900510 Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to InnoDB. oval:org.secpod.oval:def:110278 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:1901284 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF. oval:org.secpod.oval:def:36139 The host is installed with Oracle MySQL 5.5.x through 5.5.48, 5.6.x through 5.6.29 or 5.7.x through 5.7.10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows remote authenti ... oval:org.secpod.oval:def:1600438 Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote administrators to affect availability via vectors related to Server: RBR. Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. ... oval:org.secpod.oval:def:1900518 The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; OracleMySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server hostname matches a domain name ... oval:org.secpod.oval:def:1501424 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs and ... oval:org.secpod.oval:def:1501545 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws c ... oval:org.secpod.oval:def:34183 The host is installed with Oracle MySQL 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to InnoDB. Successful exploitation allows local users to affect availability. oval:org.secpod.oval:def:1900562 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to Security: Privileges. oval:org.secpod.oval:def:602477 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49 oval:org.secpod.oval:def:1900566 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect confidentiality and availability via vectors related to MyISAM. oval:org.secpod.oval:def:203985 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws c ... oval:org.secpod.oval:def:602353 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.47 oval:org.secpod.oval:def:602351 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.23. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10023-release-notes/ oval:org.secpod.oval:def:400641 mariadb was updated to version 10.0.25 to fix 25 security issues. These security issues were fixed: - CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options . - CVE-2016-0546: Unspecified vulnerability allowed local u ... oval:org.secpod.oval:def:34172 The host is installed with Oracle MySQL 5.5.x through 5.5.47, 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to PS. Successful exploitation allows local users to affect av ... oval:org.secpod.oval:def:34171 The host is installed with Oracle MySQL 5.5.x through 5.5.48, 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to PS. Successful exploitation allows local users to affect av ... oval:org.secpod.oval:def:34179 The host is installed with Oracle MySQL 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to InnoDB. Successful exploitation allows local users to affect availability. oval:org.secpod.oval:def:1600337 wolfSSL before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, also know ... oval:org.secpod.oval:def:34176 The host is installed with Oracle MySQL 5.5.x through 5.5.48, 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to Security: Privileges. Successful exploitation allows allows ... oval:org.secpod.oval:def:1900578 Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before10.0.25, and 10.1.x before 10.1.14 allows local users to affect availability via vectors related to FTS. oval:org.secpod.oval:def:34177 The host is installed with Oracle MySQL 5.5.x through 5.5.47, 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to MyISAM. Successful exploitation allows local users to affec ... oval:org.secpod.oval:def:1900731 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous ... oval:org.secpod.oval:def:501798 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: MariaDB . Refer to the MariaDB Release Notes listed in the References section for a complete list of changes. Security Fix: * It wa ... oval:org.secpod.oval:def:51606 mysql-5.7: MySQL database - mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:34160 The host is installed with Oracle MySQL 5.5.x through 5.5.47, 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to DDL. Successful exploitation allows local users to affect a ... oval:org.secpod.oval:def:1901110 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to DML. oval:org.secpod.oval:def:34163 The host is installed with Oracle MySQL 5.5.x through 5.5.48, 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to FTS. Successful exploitation allows local users to affect a ... oval:org.secpod.oval:def:1800668 CVE-2016-2047: MariaDB 10.1.10 CVE-2016-0616: MariaDB 10.1.10 CVE-2016-0610: MariaDB 10.1.9 CVE-2016-0609: MariaDB 10.1.10 CVE-2016-0608: MariaDB 10.1.10 CVE-2016-0606: MariaDB 10.1.10 CVE-2016-0600: MariaDB 10.1.10 CVE-2016-0598: MariaDB 10.1.10 CVE-2016-0597: MariaDB 10.1.10 CVE-2016-0596: MariaDB ... oval:org.secpod.oval:def:602526 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.25. Please see the MariaDB 10.0 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/ https://mariad ... oval:org.secpod.oval:def:1901121 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect integrity via unknown vectors related to encryption. oval:org.secpod.oval:def:34158 The host is installed with Oracle MySQL 5.5.x through 5.5.47, 5.6.x through 5.6.28 or 5.7.x through 5.7.10 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle vectors related to DML. Successful exploitation allows local users to affect i ... oval:org.secpod.oval:def:34159 The host is installed with Oracle MySQL 5.5.x through 5.5.48, 5.6.x through 5.6.29 or 5.7.x through 5.7.11 and is prone to a SSL server spoofing vulnerability. A flaw is present in the application, which fails to properly verify that the server hostname matches a domain name in the subject's Common ... oval:org.secpod.oval:def:110198 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:52682 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:1901332 Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer. oval:org.secpod.oval:def:703059 mysql-5.7: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703213 mysql-5.7: MySQL database - mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:703057 mysql-5.6: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:1900525 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL. oval:org.secpod.oval:def:1900524 Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. oval:org.secpod.oval:def:501862 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb . Security Fix: * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws c ... oval:org.secpod.oval:def:32758 The host is installed with Oracle MySQL through 5.5.46 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails unknown vectors related to Optimizer. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32753 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails vectors related to DML. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32754 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails unknown vectors related to Optimizer. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:110258 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:110256 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:32746 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails vectors related to UDF. Successful exploitation allows remote authenticated users to affect availability. oval:org.secpod.oval:def:32748 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails unknown vectors related to encryption. Successful exploitation allows remote authenticated users to affect integrity. oval:org.secpod.oval:def:400733 mariadb was updated to version 10.0.25 to fix 25 security issues. These security issues were fixed: - CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options . - CVE-2016-0546: Unspecified vulnerability allowed local u ... oval:org.secpod.oval:def:32742 The host is installed with Oracle MySQL through 5.5.46, through 5.6.27 or 5.7.9 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails unknown vectors related to Client. Successful exploitation allows local users to affect confidentiality, integrity, and avai ... oval:org.secpod.oval:def:1600404 A double-free flaw was found in the way OpenSSL parsed certain malformed DSA private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. The ssl_verify_server_cert function in sql-co ... oval:org.secpod.oval:def:110547 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:110496 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. |