Lucene search

K
OracleMysql

1325 matches found

CVE
CVE
added 2013/01/22 11:55 p.m.74 views

CVE-2012-4414

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the...

6.5CVSS5.8AI score0.0062EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.74 views

CVE-2015-0405

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

4CVSS5.2AI score0.00727EPSS
CVE
CVE
added 2016/01/21 3:0 a.m.74 views

CVE-2016-0502

Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

6.5CVSS5.4AI score0.00559EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.74 views

CVE-2016-3588

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect integrity and availability via vectors related to Server: InnoDB.

5.9CVSS5.3AI score0.00617EPSS
CVE
CVE
added 2017/08/08 3:29 p.m.74 views

CVE-2017-3646

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...

4.9CVSS4.5AI score0.00291EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.74 views

CVE-2018-2779

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS5AI score0.00439EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.73 views

CVE-2005-0709

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.

4.6CVSS9.3AI score0.3706EPSS
CVE
CVE
added 2005/05/17 4:0 a.m.73 views

CVE-2005-1636

mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.

4.6CVSS7AI score0.00022EPSS
CVE
CVE
added 2011/01/11 8:0 p.m.73 views

CVE-2010-3683

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.

4CVSS6.2AI score0.05878EPSS
CVE
CVE
added 2012/08/17 12:55 a.m.73 views

CVE-2012-2102

MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.

3.5CVSS5AI score0.00831EPSS
CVE
CVE
added 2013/04/17 12:14 p.m.73 views

CVE-2013-1512

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

4CVSS4.3AI score0.00447EPSS
CVE
CVE
added 2013/04/17 12:19 p.m.73 views

CVE-2013-1523

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.

4.6CVSS4.3AI score0.00417EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.73 views

CVE-2015-0506

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2015-0508.

3.5CVSS5.2AI score0.00392EPSS
CVE
CVE
added 2015/07/16 11:0 a.m.73 views

CVE-2015-4767

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4769.

1.7CVSS4.6AI score0.00822EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.73 views

CVE-2016-0659

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Optimizer.

5.5CVSS4.8AI score0.00151EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.73 views

CVE-2016-0667

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Locking.

4.4CVSS4.8AI score0.00163EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.73 views

CVE-2016-3486

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS.

6.8CVSS5.7AI score0.05386EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.73 views

CVE-2016-8287

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication.

4.5CVSS4.2AI score0.00371EPSS
CVE
CVE
added 2006/05/05 12:46 p.m.72 views

CVE-2006-1516

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.

5CVSS7.8AI score0.622EPSS
CVE
CVE
added 2012/01/18 10:55 p.m.72 views

CVE-2012-0493

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.

2.1CVSS4.5AI score0.00765EPSS
CVE
CVE
added 2013/04/17 12:19 p.m.72 views

CVE-2013-1526

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.

4CVSS4.3AI score0.00503EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.72 views

CVE-2015-0508

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-0506.

4CVSS5.2AI score0.00392EPSS
CVE
CVE
added 2015/07/16 10:59 a.m.72 views

CVE-2015-2617

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Partition.

6.5CVSS4.5AI score0.0066EPSS
CVE
CVE
added 2015/07/16 11:1 a.m.72 views

CVE-2015-4771

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR.

3.5CVSS4.5AI score0.0072EPSS
CVE
CVE
added 2016/10/25 2:29 p.m.72 views

CVE-2016-5507

Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

6.8CVSS4.9AI score0.00391EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.72 views

CVE-2020-2806

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Supported versions that are affected are 5.7.28 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful at...

5.3CVSS5.7AI score0.00526EPSS
CVE
CVE
added 2011/01/11 8:0 p.m.71 views

CVE-2010-3678

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.

4CVSS5.7AI score0.05878EPSS
CVE
CVE
added 2012/07/17 11:55 p.m.71 views

CVE-2012-1757

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

4CVSS5.3AI score0.00572EPSS
CVE
CVE
added 2012/12/03 12:49 p.m.71 views

CVE-2012-5613

MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as th...

6CVSS5.3AI score0.89398EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.71 views

CVE-2013-3806

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.

4CVSS5.2AI score0.00717EPSS
CVE
CVE
added 2014/01/15 4:8 p.m.71 views

CVE-2014-0431

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5881.

3.5CVSS5.2AI score0.00661EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.71 views

CVE-2015-0498

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.

1.7CVSS5.2AI score0.00389EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.71 views

CVE-2016-0611

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4CVSS5.5AI score0.00746EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.71 views

CVE-2016-0662

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect availability via vectors related to Partition.

5.5CVSS4.8AI score0.00151EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.71 views

CVE-2016-3440

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

7.7CVSS6.4AI score0.00779EPSS
CVE
CVE
added 2016/07/21 10:13 a.m.71 views

CVE-2016-3518

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

6.8CVSS5.7AI score0.01498EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.71 views

CVE-2016-5439

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges.

4.9CVSS5.2AI score0.00506EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.71 views

CVE-2016-8284

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication.

1.8CVSS4.1AI score0.0008EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.71 views

CVE-2016-8288

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.

4.9CVSS4AI score0.00199EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.71 views

CVE-2018-2762

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQ...

4.4CVSS4.7AI score0.00108EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.71 views

CVE-2018-2775

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.5CVSS5.6AI score0.00571EPSS
CVE
CVE
added 2024/04/16 10:15 p.m.71 views

CVE-2024-21101

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via mul...

2.2CVSS4.9AI score0.0009EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.70 views

CVE-2000-0981

MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.

7.2CVSS6.5AI score0.00919EPSS
CVE
CVE
added 2006/02/27 11:2 p.m.70 views

CVE-2006-0903

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_qu...

4.6CVSS6.3AI score0.00236EPSS
CVE
CVE
added 2006/05/05 12:46 p.m.70 views

CVE-2006-1517

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.

5CVSS7.6AI score0.03978EPSS
CVE
CVE
added 2012/01/18 10:55 p.m.70 views

CVE-2012-0118

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.

4.9CVSS4.4AI score0.00716EPSS
CVE
CVE
added 2012/07/17 10:55 p.m.70 views

CVE-2012-1735

Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

6.8CVSS5.3AI score0.01002EPSS
CVE
CVE
added 2012/10/16 11:55 p.m.70 views

CVE-2012-3144

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

4CVSS5.2AI score0.00605EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.70 views

CVE-2013-3810

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.

3.5CVSS5.1AI score0.00671EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.70 views

CVE-2014-2442

Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM.

4CVSS5.2AI score0.00294EPSS
Total number of security vulnerabilities1325