CVE Daily
← All tags

Tag: MySQL

All CVEs associated with "MySQL". Page 17/20 • 2289 CVEs.

Subscribe CVEs: RSS for “MySQL”  ·  RSS (High+Critical only)

About “MySQL”

A curated feed of “MySQL”-related CVEs appears below. We currently track 2289 CVEs for this tag (all time). In the last 365 days, 184 were published. Average CVSS is 5.6 (all time; 6.4 over 365d), and 20% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE-284 - Improper Access Control.

In our taxonomy this topic maps to a MODERATE impact class. Databases, proxies, and web servers often need coordinated restarts and config checks. Patch only modules you deploy, verify TLS and authentication, and tune limits. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2013-04-17
Medium

CVE-2013-2375

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via u…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2013-1570

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2013-1567

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerabil…

CVSS: 3.5 CWE: N/A View on NVD
Low

CVE-2013-1566

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2013-1555

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-1552

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVSS: 6.5 CWE: N/A View on NVD
Low

CVE-2013-1548

Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2013-1544

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data M…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-1532

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Inform…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-1531

Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors relate…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2013-1526

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-1523

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors relate…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2013-1521

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors relate…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2013-1512

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2013-1511

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

CVSS: 3.5 CWE: N/A View on NVD
Low

CVE-2013-1506

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server…

CVSS: 2.8 CWE: N/A View on NVD
Low

CVE-2013-1502

Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.

CVSS: 1.5 CWE: N/A View on NVD
2013-03-28
Medium

CVE-2013-1861

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2013-1492

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2012-0553

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2013-01-22
Medium

CVE-2012-4414

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5…

CVSS: 6.5 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2013-01-17
Medium

CVE-2013-0389

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to S…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2013-0386

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2013-0385

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to…

CVSS: 6.6 CWE: N/A View on NVD
Medium

CVE-2013-0384

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to I…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2013-0383

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Lock…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2013-0375

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vec…

CVSS: 5.4 CWE: N/A View on NVD
Medium

CVE-2013-0371

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-0368

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-0367

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2012-5096

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-5060

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2012-1705

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Ser…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1702

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2012-0578

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0574

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0572

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Inn…

CVSS: 4.0 CWE: N/A View on NVD
2012-12-21
High

CVE-2012-0882

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-12-03
Medium

CVE-2012-5615

Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2012-5614

Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT com…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-5613

MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows…

CVSS: 6.0 CWE: CWE-16 View on NVD
Medium

CVE-2012-5612

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (m…

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2012-5611

Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x b…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2012-10-17
Low

CVE-2012-3197

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-3180

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-3177

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2012-3173

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2012-3167

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-3166

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 4.0 CWE: N/A View on NVD
Critical

CVE-2012-3163

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availab…

CVSS: 9.0 CWE: N/A View on NVD
2012-10-16
Low

CVE-2012-3160

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server…

CVSS: 2.1 CWE: N/A View on NVD
High

CVE-2012-3158

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via…

CVSS: 7.5 CWE: N/A View on NVD
Low

CVE-2012-3156

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-3150

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2012-3149

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-3147

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2012-3144

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

CVSS: 4.0 CWE: N/A View on NVD
2012-10-11
Medium

CVE-2012-5383

Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan ho…

CVSS: 6.2 CWE: N/A View on NVD
2012-10-09
Low

CVE-2012-4452

MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX…

CVSS: 2.1 CWE: CWE-264 View on NVD
2012-09-17
Medium

CVE-2011-4959

SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote a…

CVSS: 6.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2012-08-17
Critical

CVE-2012-2750

Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 2…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2012-2749

MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.

CVSS: 4.0 CWE: CWE-399 View on NVD
Low

CVE-2012-2102

MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.

CVSS: 3.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2009-5026

The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows…

CVSS: 6.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2012-07-31
High

CVE-2012-3951

The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows r…

CVSS: 7.5 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2012-07-17
Medium

CVE-2012-1757

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1756

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1735

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2012-1734

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1689

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0540

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

CVSS: 4.0 CWE: N/A View on NVD
2012-06-26
Medium

CVE-2012-2122

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, whe…

CVSS: 5.1 CWE: CWE-287 - Improper Authentication View on NVD
2012-05-21
Medium

CVE-2010-5104

The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, wh…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-05-03
Medium

CVE-2012-1703

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2012-1697

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1696

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1690

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors relate…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1688

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0583

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.

CVSS: 4.0 CWE: N/A View on NVD
2012-01-30
Medium

CVE-2012-0937

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attacker…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2011-4899

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to confi…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2011-4898

wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL creden…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2012-01-18
Medium

CVE-2012-0496

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2012-0495

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2012-0494

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.

CVSS: 1.7 CWE: N/A View on NVD
Low

CVE-2012-0493

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-2012-0492

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2012-0491

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0490

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0489

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0488

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0487

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0486

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-011…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2012-0485

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0120

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0119

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0118

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different v…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2012-0117

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-048…

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-0116

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2012-0115

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2012-0114

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.

CVSS: 3.0 CWE: N/A View on NVD
Medium

CVE-2012-0113

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different v…

CVSS: 5.5 CWE: N/A View on NVD
Low

CVE-2012-0112

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2012-0102

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0101

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0087

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CV…

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2012-0075

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.

CVSS: 1.7 CWE: N/A View on NVD
Medium

CVE-2011-2262

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
2012-01-04
Medium

CVE-2011-5049

MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.

CVSS: 4.3 CWE: CWE-399 View on NVD
2011-11-04
High

CVE-2011-1513

Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code…

CVSS: 7.5 CWE: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') View on NVD
2011-09-24
Medium

CVE-2011-3805

TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2011-07-28
High

CVE-2011-2688

SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the use…

CVSS: 7.5 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2011-06-22
Medium

CVE-2011-2531

Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation)…

CVSS: 4.3 CWE: CWE-399 View on NVD
2011-05-05
Medium

CVE-2011-1906

Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via…

CVSS: 5.0 CWE: CWE-255 View on NVD
2011-01-14
Medium

CVE-2010-3840

The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB funct…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2010-3839

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedur…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2010-3838

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST func…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2010-3837

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the…

CVSS: 4.0 CWE: CWE-399 View on NVD
Medium

CVE-2010-3836

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view prepar…

CVSS: 4.0 CWE: CWE-399 View on NVD