rpm package
opensuse/mariadb&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/mariadb&distro=openSUSE%20Tumbleweed
Vulnerabilities (125)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2007-6303 | — | < 10.6.4-2.1 | 10.6.4-2.1 | Dec 10, 2007 | MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW state | ||
| CVE-2007-5970 | — | < 10.0.22-3.8 | 10.0.22-3.8 | Dec 10, 2007 | MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a tabl | ||
| CVE-2007-5969 | — | < 10.6.4-2.1 | 10.6.4-2.1 | Dec 10, 2007 | MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to | ||
| CVE-2006-4226 | — | < 10.6.4-2.1 | 10.6.4-2.1 | Aug 18, 2006 | MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. | ||
| CVE-2006-0903 | — | < 10.6.4-2.1 | 10.6.4-2.1 | Feb 27, 2006 | MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states |
- CVE-2007-6303Dec 10, 2007affected < 10.6.4-2.1fixed 10.6.4-2.1
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW state
- CVE-2007-5970Dec 10, 2007affected < 10.0.22-3.8fixed 10.0.22-3.8
MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a tabl
- CVE-2007-5969Dec 10, 2007affected < 10.6.4-2.1fixed 10.6.4-2.1
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to
- CVE-2006-4226Aug 18, 2006affected < 10.6.4-2.1fixed 10.6.4-2.1
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
- CVE-2006-0903Feb 27, 2006affected < 10.6.4-2.1fixed 10.6.4-2.1
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states
Page 7 of 7