Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K74843522
HistoryDec 19, 2018 - 12:00 a.m.

K74843522 : MySQL vulnerabilities CVE-2016-9843, CVE-2018-3133, CVE-2018-3137, CVE-2018-3143, and CVE-2018-3144

2018-12-1900:00:00
my.f5.com
130

AI Score

8.7

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON

Security Advisory Description

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Impact

There is no impact; F5 products are not affected by this vulnerability.

Related

openvas 31
amazon 4
nessus 53
osv 13
veracode 4
redhatcve 4
prion 5
nvd 5
cvelist 5
mariadbunix 3
alpinelinux 2
cve 5
ubuntucve 5
debiancve 2
suse 1
slackware 1
mageia 2
altlinux 2
ubuntu 4
ibm 36
freebsd 2
cloudfoundry 2
debian 3
gentoo 2
fedora 1
photon 1
thn 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:3542-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2018:3478-1)
2018-10-26 00:00:00
Mageia: Security Advisory (MGASA-2018-0469)
2022-01-28 00:00:00
amazon
amazon
Medium: mysql55
2018-12-06 00:40:00
Medium: mysql56
2018-12-06 00:38:00
Medium: mariadb
2019-04-08 21:30:00
nessus
nessus
Amazon Linux AMI : mysql55 (ALAS-2018-1116)
2018-12-07 00:00:00
MySQL 5.5.x < 5.5.62 Multiple Vulnerabilities (October 2018 CPU)
2018-10-19 00:00:00
SUSE SLES11 Security Update : mysql (SUSE-SU-2018:3542-1)
2018-10-30 00:00:00
osv
osv
CVE-2018-3133
2018-10-17 01:31:16
CGA-gmp9-xrph-w4g6
2024-07-04 22:10:18
CGA-j48f-wc6c-rvqj
2024-07-04 22:05:14
veracode
veracode
Denial Of Service (DoS)
2019-05-16 03:22:41
Denial Of Service (DoS)
2019-05-02 06:11:09
Denial Of Service (DoS)
2019-05-16 03:22:41
redhatcve
redhatcve
CVE-2018-3133
2019-11-04 09:45:59
CVE-2018-3137
2018-10-17 20:55:30
CVE-2018-3143
2019-10-20 06:35:30
prion
prion
Code injection
2018-10-17 01:31:00
Command injection
2017-05-23 04:29:00
Code injection
2018-10-17 01:31:00
nvd
nvd
CVE-2018-3133
2018-10-17 01:31:16
CVE-2016-9843
2017-05-23 04:29:01
CVE-2018-3137
2018-10-17 01:31:16
cvelist
cvelist
CVE-2018-3133
2018-10-17 01:00:00
CVE-2016-9843
2017-05-23 03:56:00
CVE-2018-3137
2018-10-17 01:00:00
mariadbunix
mariadbunix
CVE-2018-3133
2018-10-17 01:31:00
CVE-2016-9843
2017-05-23 04:29:01
CVE-2018-3143
2018-10-17 01:31:00
alpinelinux
alpinelinux
CVE-2016-9843
2017-05-23 04:29:01
CVE-2018-3143
2018-10-17 01:31:16
cve
cve
CVE-2018-3133
2018-10-17 01:31:16
CVE-2016-9843
2017-05-23 04:29:01
CVE-2018-3137
2018-10-17 01:31:16
ubuntucve
ubuntucve
CVE-2018-3133
2018-10-16 00:00:00
CVE-2016-9843
2017-05-23 00:00:00
CVE-2018-3143
2018-10-16 00:00:00
debiancve
debiancve
CVE-2016-9843
2017-05-23 04:29:01
CVE-2018-3143
2018-10-17 01:31:00
suse
suse
Security update for mysql-community-server (important)
2018-10-26 00:18:04
slackware
slackware
[slackware-security] mariadb
2018-11-06 04:16:18
mageia
mageia
Updated mariadb packages fix security vulnerabilities
2018-11-27 18:26:11
Updated rsync packages fix security vulnerabilities
2020-02-29 16:42:35
altlinux
altlinux
Security fix for the ALT Linux 8 package mariadb version 10.1.37-alt1
2018-12-05 00:00:00
Security fix for the ALT Linux 9 package mariadb version 10.3.11-alt1
2018-11-28 00:00:00
ubuntu
ubuntu
MySQL vulnerabilities
2018-10-29 00:00:00
rsync vulnerabilities
2020-02-25 00:00:00
zlib vulnerabilities
2020-01-22 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Open Source zlib affects IBM Netezza Platform Software clients (CVE-2016-9840, CVE-2016-9841 and CVE-2016-9843).
2019-10-18 03:10:29
Security Bulletin: Vulnerabilities in zlib affect IBM Sterling Connect:Direct for UNIX (CVE-2016-9840, CVE-2016-9841, CVE-2016-9843)
2020-07-24 22:19:08
Security Bulletin: IBM Tivoli Monitoring Agent Framework component. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9843)
2018-06-17 15:41:57
freebsd
freebsd
net/rsync -- multiple zlib issues
2020-06-19 00:00:00
MySQL -- multiple vulnerabilities
2018-10-16 00:00:00
cloudfoundry
cloudfoundry
USN-4292-1: rsync vulnerabilities | Cloud Foundry
2020-03-10 00:00:00
USN-4246-1: zlib vulnerabilities | Cloud Foundry
2020-02-12 00:00:00
debian
debian
[SECURITY] [DLA 2085-1] zlib security update
2020-01-29 21:52:33
[SECURITY] [DLA 1725-1] rsync security update
2019-03-24 21:48:25
[SECURITY] [DLA 1570-1] mariadb-10.0 security update
2018-11-07 18:07:25
gentoo
gentoo
zlib: Multiple vulnerabilities
2017-01-23 00:00:00
rsync: Multiple vulnerabilities
2020-07-28 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: mariadb-10.3.11-1.fc29
2018-12-22 03:02:42
photon
photon
Critical Photon OS Security Update - PHSA-2017-0051
2017-06-22 00:00:00
thn
thn
Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform
2021-07-07 12:58:00

AI Score

8.7

Confidence

Low

EPSS

0.014

Percentile

86.5%

JSON
Related for F5:K74843522
openvas31amazon4nessus53osv13veracode4redhatcve4prion5nvd5cvelist5mariadbunix3alpinelinux2cve5ubuntucve5debiancve2suse1slackware1mageia2altlinux2ubuntu4ibm36freebsd2cloudfoundry2debian3gentoo2fedora1photon1thn1