FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b64a7389-7c27-11e6-8aaa-5404a68ad561Remote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662

LegalHackers' reports:

RCE Bugs discovered in MySQL and its variants like MariaDB. It works by manipulating my.cnf files and using --malloc-lib. The bug seems fixed in MySQL 5.7.15 by Oracle


Discovery 2016-09-12
Entry 2016-09-14
mysql57-client
mysql57-server
< 5.7.15

CVE-2016-6662
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
31344707-5d87-11eb-929d-d4c9ef517024MySQL -- Multiple vulnerabilities

Oracle reports:

This Critical Patch Update contains 34 new security patches for Oracle MySQL Server and 4 for MySQL Client.

The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle MySQL is 6.8.


Discovery 2021-01-23
Entry 2021-01-23
mysql56-client
< 5.6.51

mysql57-client
< 5.7.33

mysql80-client
< 8.0.23

mysql56-server
< 5.6.51

mysql57-server
< 5.7.33

mysql80-server
< 8.0.23

https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL
CVE-2021-2046
CVE-2021-2020
CVE-2021-2024
CVE-2021-2011
CVE-2021-2006
CVE-2021-2048
CVE-2021-2028
CVE-2021-2122
CVE-2021-2058
CVE-2021-2001
CVE-2021-2016
CVE-2021-2021
CVE-2021-2030
CVE-2021-2031
CVE-2021-2036
CVE-2021-2055
CVE-2021-2060
CVE-2021-2070
CVE-2021-2076
CVE-2021-2065
CVE-2021-2014
CVE-2021-2002
CVE-2021-2012
CVE-2021-2009
CVE-2021-2072
CVE-2021-2081
CVE-2021-2022
CVE-2021-2038
CVE-2021-2061
CVE-2021-2056
CVE-2021-2087
CVE-2021-2088
CVE-2021-2032
CVE-2021-2010
CVE-2021-1998
CVE-2021-2007
CVE-2021-2019
CVE-2021-2042
622b5c47-855b-11ea-a5e2-d4c9ef517024MySQL Client -- Multiple vulerabilities

Oracle reports:

This Critical Patch Update contains 45 new security patches for Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.


Discovery 2020-04-14
Entry 2020-04-23
mysql56-client
< 5.6.48

mysql57-client
< 5.7.30

mysql80-client
< 8.0.20

mysql-connector-c
< 8.0.20

mysql-connector-c++
< 8.0.20

mysql-connector-java
< 8.0.20

percona55-client
< 5.5.68

percona56-client
< 5.6.48

percona57-client
< 5.7.30

https://www.oracle.com/security-alerts/cpujan2020.html
CVE-2020-2752
CVE-2020-2934
CVE-2020-2875
CVE-2020-2922
CVE-2020-2933
e5186c65-d729-11e6-a9a5-b499baebfeafmysql -- multiple vulnerabilities

Oracle reports:

Local security vulnerability in 'Server: Packaging' sub component.


Discovery 2016-10-18
Entry 2017-01-14
Modified 2017-01-15
mysql57-client
mysql57-server
< 5.7.15

93617
CVE-2016-5625
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
dc596a17-7a9e-11e6-b034-f0def167eeeaRemote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662

LegalHackers' reports:

RCE Bugs discovered in MySQL and its variants like MariaDB. It works by manipulating my.cnf files and using --malloc-lib. The bug seems fixed in MySQL 5.7.15 by Oracle


Discovery 2016-09-12
Entry 2016-11-24
Modified 2016-11-24
mysql57-client
mysql57-server
< 5.7.15

mysql56-client
mysql56-server
< 5.6.33

mysql55-client
mysql55-server
< 5.5.52

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
0ed71663-c369-11ea-b53c-d4c9ef517024MySQL -- Multiple vulnerabilities

Oracle reports:

This Critical Patch Update contains 40 new security patches for Oracle MySQL. 6 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle MySQL is 9.8.

This Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for July 2020, which will be released on Tuesday, July 14, 2020.


Discovery 2020-07-07
Entry 2020-07-11
mysql56-client
< 5.6.49

mysql56-server
< 5.6.49

mysql57-client
< 5.7.31

mysql57-server
< 5.7.31

mysql80-client
< 8.0.21

mysql80-server
< 8.0.21

https://www.oracle.com/security-alerts/cpujul2020.html
22373c43-d728-11e6-a9a5-b499baebfeafMySQL -- multiple vulnerabilities

The MySQL project reports:

  • CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component.
  • CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
  • CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
  • CVE-2016-5624: Remote security vulnerability in 'Server: DML' sub component.
  • CVE-2016-5626: Remote security vulnerability in 'Server: GIS' sub component.
  • CVE-2016-5629: Remote security vulnerability in 'Server: Federated' sub component.
  • CVE-2016-8283: Remote security vulnerability in 'Server: Types' sub component.

Discovery 2016-09-13
Entry 2017-01-14
mariadb55-client
mariadb55-server
< 5.5.52

mariadb100-client
mariadb100-server
< 10.0.28

mariadb101-client
mariadb101-server
< 10.1.18

mysql55-client
mysql55-server
< 5.5.52

mysql56-client
mysql56-server
< 5.6.33

mysql57-client
mysql57-server
< 5.7.15

percona55-client
percona55-server
< 5.5.51.38.2

percona56-client
percona56-server
< 5.6.32.78.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
CVE-2016-3492
CVE-2016-5616
CVE-2016-5617
CVE-2016-5624
CVE-2016-5626
CVE-2016-5629
CVE-2016-6663
CVE-2016-6664
CVE-2016-8283