VYPR

rpm package

suse/python-mysqlclient&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP1

pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1

Vulnerabilities (219)

  • CVE-2015-4792Oct 21, 2015
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.

  • CVE-2012-5627Oct 1, 2013
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force passwor

  • CVE-2013-1976Jul 9, 2013
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a) to

  • CVE-2012-4414Jan 22, 2013
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vec

  • CVE-2012-5615Dec 3, 2012
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid u

  • CVE-2012-5612Dec 3, 2012
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated

  • CVE-2012-5611Dec 3, 2012
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenti

  • CVE-2009-4030Nov 30, 2009
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables

  • CVE-2009-4028Nov 30, 2009
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a

  • CVE-2009-4019Nov 30, 2009
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, whic

  • CVE-2008-7247Nov 30, 2009
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1)

  • CVE-2008-2079May 5, 2008
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL

  • CVE-2007-6304Dec 10, 2007
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the mi

  • CVE-2007-6303Dec 10, 2007
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW state

  • CVE-2007-5970Dec 10, 2007
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a tabl

  • CVE-2007-5969Dec 10, 2007
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to

  • CVE-2006-4227Aug 18, 2006
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT E

  • CVE-2006-4226Aug 18, 2006
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

  • CVE-2006-0903Feb 27, 2006
    affected < 1.4.6-150100.3.3.7fixed 1.4.6-150100.3.3.7

    MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states

Page 11 of 11