6790 matches found
CVE-2012-5627
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the changeuser command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks...
Command injection
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the changeuser command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks...
UBUNTU-CVE-2012-5627
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the changeuser command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks...
CVE-2012-5627
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the changeuser command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks...
CVE-2012-5627
CVE-2012-5627 affects Oracle MySQL and MariaDB where the salt is not changed during multiple executions of the CHANGE_USER command within the same MySQL/MariaDB connection. This allows remote authenticated users to more easily brute-force passwords. Affected versions include MySQL/MariaDB: 5.5.x ...
CVE-2012-5627
Disclaimer: This data contains information about vulnerable...
mysql: COM_BINLOG_DUMP crash on invalid data
Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service mysqld crash via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements...
Fedora 17 : phpMyAdmin-3.5.8-1.fc17 (2013-5623)
phpMyAdmin 3.5.8.0 2013-04-08 =============================== - bug MariaDB reported as MySQL - bug Incorrect header for Safari 6.0 - bug Attempt to open trigger for edit gives NULL - change Use HTML5 DOCTYPE - security Self-XSS on GIS visualisation page, reported by Janek Vind - bug Incorrect...
Fedora 19 : phpMyAdmin-3.5.8-1.fc19 (2013-5604)
phpMyAdmin 3.5.8.0 2013-04-08 =============================== - bug MariaDB reported as MySQL - bug Incorrect header for Safari 6.0 - bug Attempt to open trigger for edit gives NULL - change Use HTML5 DOCTYPE - security Self-XSS on GIS visualisation page, reported by Janek Vind - bug Incorrect...
Fedora 18 : phpMyAdmin-3.5.8-1.fc18 (2013-5620)
phpMyAdmin 3.5.8.0 2013-04-08 =============================== - bug MariaDB reported as MySQL - bug Incorrect header for Safari 6.0 - bug Attempt to open trigger for edit gives NULL - change Use HTML5 DOCTYPE - security Self-XSS on GIS visualisation page, reported by Janek Vind - bug Incorrect...
Mandriva Linux Security Advisory : mariadb (MDVSA-2013:102)
Updated mariadb packages includes fixes for the following security vulnerabilities : Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client CVE-2012-3147. Unspecified...
Security fix for the ALT Linux 8 package mariadb version April
April 1, 2013 Michael Shigorin 5.5.30-alt10 - New version - NB: 5.5.29 had important security fixes, including: + A buffer overflow that can cause a server crash or arbitrary code execution a variant of CVE-2012-5611 + CVE-2012-5627 fast password brute-forcing using the "change user" +...
MariaDB 5.5.0 < 5.5.28 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.28. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.28 advisory. - Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote...
MariaDB 5.5.0 < 5.5.30 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.30. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.30 advisory. - Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticat...
CVE-2013-1861
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...
Design/Logic Flaw
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...
CVE-2013-1861
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...
CVE-2013-1861
CVE-2013-1861 affects MariaDB SQL branches (5.5.x up to 5.5.30, 5.3.x up to 5.3.13, 5.2.x up to 5.2.15, 5.1.x up to 5.1.68) and Oracle MySQL (5.1.69 and earlier, 5.5.31 and earlier, 5.6.11 and earlier). The vulnerability allows remote DoS (crash) via a crafted geometry feature with a large number...
CVE-2013-1861
Disclaimer: This data contains information about vulnerable...
CVE-2013-1861
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...