VYPR

MySQL

by Oracle Corporation

Source repositories

CVEs (576)

  • CVE-2000-0045Jan 11, 2000
    risk 0.04cvss epss 0.07

    MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.

  • CVE-2012-5383Oct 11, 2012
    risk 0.03cvss epss 0.01

    Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to…

  • CVE-2007-1420Mar 12, 2007
    risk 0.03cvss epss 0.01

    MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL…

  • CVE-2006-0903Feb 27, 2006
    risk 0.03cvss epss 0.01

    MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor…

  • CVE-2005-0711May 2, 2005
    risk 0.03cvss epss 0.02

    MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

  • CVE-2003-1480Dec 31, 2003
    risk 0.03cvss epss 0.03

    MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.

  • CVE-2001-0407Jun 27, 2001
    risk 0.03cvss epss 0.02

    Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).

  • CVE-2001-1274Jan 23, 2001
    risk 0.03cvss epss 0.05

    Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.

  • CVE-2010-1850Jun 8, 2010
    risk 0.02cvss epss 0.22

    Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.

  • CVE-2016-0505Jan 21, 2016
    risk 0.01cvss epss 0.08

    Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Options.

  • CVE-2015-4816Oct 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

  • CVE-2015-4757Jul 16, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer.

  • CVE-2015-2568Apr 16, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.

  • CVE-2015-0501Apr 16, 2015
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.

  • CVE-2015-0411Jan 21, 2015
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.

  • CVE-2015-0391Jan 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

  • CVE-2015-0382Jan 21, 2015
    risk 0.01cvss epss 0.10

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.

  • CVE-2014-6568Jan 21, 2015
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

  • CVE-2014-6507Oct 15, 2014
    risk 0.01cvss epss 0.07

    Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.

  • CVE-2014-0001Jan 31, 2014
    risk 0.01cvss epss 0.06

    Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.

Page 12 of 29