CVE Daily
← All tags

Tag: MySQL

All CVEs associated with "MySQL". Page 9/20 • 2289 CVEs.

Subscribe CVEs: RSS for “MySQL”  ·  RSS (High+Critical only)

About “MySQL”

A curated feed of “MySQL”-related CVEs appears below. We currently track 2289 CVEs for this tag (all time). In the last 365 days, 184 were published. Average CVSS is 5.6 (all time; 6.4 over 365d), and 20% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE-284 - Improper Access Control.

In our taxonomy this topic maps to a MODERATE impact class. Databases, proxies, and web servers often need coordinated restarts and config checks. Patch only modules you deploy, verify TLS and authentication, and tune limits. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2021-01-20
Medium

CVE-2021-2060

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Easily expl…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2058

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privile…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2056

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privilege…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2021-2055

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2048

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allows high privileged att…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2021-2046

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows hig…

CVSS: 6.8 CWE: N/A View on NVD
Low

CVE-2021-2042

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 2.3 CWE: N/A View on NVD
Medium

CVE-2021-2038

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.22 and prior. Difficult to exploit vulnerability allow…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2021-2036

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2032

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerabi…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2021-2031

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2030

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2028

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows low privil…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2021-2022

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit v…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2021-2021

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2020

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privil…

CVSS: 6.5 CWE: N/A View on NVD
Low

CVE-2021-2019

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows…

CVSS: 2.7 CWE: N/A View on NVD
Medium

CVE-2021-2016

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2014

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin). Supported versions that are affected are 5.7.32 and prior. Easily exploitable vulnerability allows high…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2012

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2011

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vulnerability allows…

CVSS: 5.9 CWE: N/A View on NVD
Medium

CVE-2021-2010

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.50 and prior, 5.7.32 and prior and 8.0.22 and prior. Difficult to exploit vu…

CVSS: 4.2 CWE: N/A View on NVD
Medium

CVE-2021-2009

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2021-2007

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vu…

CVSS: 3.7 CWE: N/A View on NVD
Medium

CVE-2021-2006

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows low privileged attac…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2021-2002

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high pri…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2021-2001

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.50 and prior, 5.7.30 and prior and 8.0.17 and prior. Easily expl…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2021-1998

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 3.8 CWE: N/A View on NVD
2020-12-21
Medium

CVE-2020-26277

DBdeployer is a tool that deploys MySQL database servers easily. In DBdeployer before version 1.58.2, users unpacking a tarball may use a maliciously packaged tarball that contains symlinks to files…

CVSS: 6.1 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD
2020-12-18
Critical

CVE-2020-11974

In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database.

CVSS: 9.8 CWE: N/A View on NVD
2020-12-08
Critical

CVE-2020-25889

Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can…

CVSS: 9.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2020-12-03
Medium

CVE-2020-26248

In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module.

CVSS: 6.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2020-12-02
Critical

CVE-2020-29283

An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.

CVSS: 9.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2020-11-17
High

CVE-2020-28688

The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.

CVSS: 8.8 CWE: CWE-434 - Unrestricted Upload of File with Dangerous Type View on NVD
High

CVE-2020-28687

The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.

CVSS: 8.8 CWE: CWE-434 - Unrestricted Upload of File with Dangerous Type View on NVD
2020-11-11
Critical

CVE-2020-5426

Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. This also depended on the configuration of the MySQL server…

CVSS: 9.8 CWE: CWE-319 - Cleartext Transmission of Sensitive Information View on NVD
2020-11-05
Medium

CVE-2020-12147

In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution R…

CVSS: 6.6 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
2020-10-21
Medium

CVE-2020-14893

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14891

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14888

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
High

CVE-2020-14878

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows…

CVSS: 8.0 CWE: N/A View on NVD
Medium

CVE-2020-14873

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privi…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2020-14870

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privil…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14869

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14868

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14867

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Difficult to expl…

CVSS: 4.4 CWE: N/A View on NVD
Medium

CVE-2020-14866

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14861

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2020-14860

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high…

CVSS: 2.7 CWE: N/A View on NVD
Medium

CVE-2020-14853

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2020-14852

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privil…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14848

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14846

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privil…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14845

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14844

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged a…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14839

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14838

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2020-14837

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14836

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privil…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14830

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privil…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14829

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 4.9 CWE: N/A View on NVD
High

CVE-2020-14828

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2020-14827

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14821

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14814

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14812

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14809

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14804

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14800

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14799

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14794

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14793

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily expl…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2020-14791

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged att…

CVSS: 2.2 CWE: N/A View on NVD
Medium

CVE-2020-14790

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability all…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14789

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability al…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14786

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged a…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14785

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14777

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14776

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14775

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14773

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2020-14771

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploi…

CVSS: 2.2 CWE: N/A View on NVD
Medium

CVE-2020-14769

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily expl…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14765

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitabl…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14760

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.31 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2020-14672

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easi…

CVSS: 4.9 CWE: N/A View on NVD
2020-09-22
Medium

CVE-2020-14027

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLE_LOCAL_INFILE, that can be leveraged by attackers to enab…

CVSS: 5.3 CWE: CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') View on NVD
High

CVE-2020-25487

PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.

CVSS: 7.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2020-09-11
Medium

CVE-2019-20917

An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with…

CVSS: 6.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2020-09-03
High

CVE-2020-11579

An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on ho…

CVSS: 7.5 CWE: CWE-306 - Missing Authentication for Critical Function View on NVD
2020-09-01
Critical

CVE-2020-5777

MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger…

CVSS: 9.8 CWE: CWE-287 - Improper Authentication View on NVD
2020-08-05
Critical

CVE-2020-13921

**Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases.

CVSS: 9.8 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2020-07-24
Medium

CVE-2020-14725

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
2020-07-15
Medium

CVE-2020-15051

An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS exists via the Server Domain Name, Your Email Address, Group Name, MYSQL Server, Database, MYSQL Username, Group Name, and Task…

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Medium

CVE-2020-14702

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 4.9 CWE: N/A View on NVD
High

CVE-2020-14697

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2020-14680

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privil…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2020-14678

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2020-14663

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2020-14656

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privile…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14654

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14651

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2020-14643

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2020-14641

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2020-14634

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 2.7 CWE: N/A View on NVD
Low

CVE-2020-14633

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 2.7 CWE: N/A View on NVD
Medium

CVE-2020-14632

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privile…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14631

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14624

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14623

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14620

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14619

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privilege…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14614

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14597

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privi…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14591

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low pr…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14586

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14576

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability al…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2020-14575

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2020-14568

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attac…

CVSS: 4.9 CWE: N/A View on NVD