Vulnerabilities (CVE)

Vendor filter

Mysql Subscribe

Filter

261 total CVE
CVE Vendors Products Updated CVSS
CVE-2004-0835 3 Mysql, Debian, Oracle 3 Mysql, Debian Linux, Mysql 2019-10-07 7.5
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct...
CVE-2012-1696 3 Mysql, Oracle, Sun 6 Mysql, Mysql Community Server, Mysql and 3 more 2019-10-07 4.0
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
CVE-2006-1516 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 5.0
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
CVE-2006-4226 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 3.6
MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they...
CVE-2006-4031 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 2.1
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
CVE-2009-2446 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 8.5
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified...
CVE-2012-3166 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 4.0
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
CVE-2006-0903 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 4.6
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the...
CVE-2012-3160 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 2.1
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
CVE-2006-1517 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 5.0
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an...
CVE-2012-1697 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 4.0
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
CVE-2012-3177 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 6.8
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
CVE-2005-0004 5 Gentoo, Mysql, Debian and 2 more 6 Mysql, Debian Linux, Linux and 3 more 2019-10-07 4.6
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
CVE-2005-0709 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
CVE-2004-0956 4 Mysql, Suse, Ubuntu and 1 more 4 Mysql, Suse Linux, Ubuntu Linux and 1 more 2019-10-07 5.0
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
CVE-2005-2558 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 4.6
Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long...
CVE-2004-0957 7 Ubuntu, Redhat, Mysql and 4 more 8 Enterprise Linux Desktop, Enterprise Linux, Openpkg and 5 more 2019-10-07 6.8
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct...
CVE-2004-0381 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 2.1
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
CVE-2005-0711 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 2.1
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
CVE-2005-0710 2 Mysql, Oracle 2 Mysql, Mysql 2019-10-07 4.6
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which...