Lucene search

K
OracleMysql

1325 matches found

CVE
CVE
added 2018/04/19 2:29 a.m.73 views

CVE-2018-2762

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQ...

4.4CVSS4.7AI score0.00108EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.73 views

CVE-2018-2775

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

6.5CVSS5.6AI score0.00571EPSS
CVE
CVE
added 2004/11/03 5:0 a.m.72 views

CVE-2004-0835

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.

7.5CVSS6AI score0.03649EPSS
CVE
CVE
added 2012/10/16 11:55 p.m.72 views

CVE-2012-3144

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

4CVSS5.2AI score0.00605EPSS
CVE
CVE
added 2014/10/15 10:55 p.m.72 views

CVE-2014-6564

Unspecified vulnerability in Oracle MySQL Server 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB FULLTEXT SEARCH DML.

4CVSS6.1AI score0.00615EPSS
CVE
CVE
added 2015/07/16 11:1 a.m.72 views

CVE-2015-4772

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

4CVSS4.5AI score0.0077EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.72 views

CVE-2016-5437

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Log.

4.9CVSS5.2AI score0.00633EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.72 views

CVE-2016-5625

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging.

7CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.72 views

CVE-2016-5627

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB.

6.5CVSS5.5AI score0.01181EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.72 views

CVE-2016-5633

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-8290.

4.9CVSS4.2AI score0.00432EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.72 views

CVE-2018-2805

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). Supported versions that are affected are 5.6.39 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful att...

6.5CVSS6.1AI score0.00979EPSS
CVE
CVE
added 2024/04/16 10:15 p.m.72 views

CVE-2024-21101

Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via mul...

2.2CVSS4.9AI score0.00123EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.71 views

CVE-2000-0981

MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.

7.2CVSS6.5AI score0.00919EPSS
CVE
CVE
added 2012/10/09 11:55 p.m.71 views

CVE-2012-4452

MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can poi...

2.1CVSS6.2AI score0.00057EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.71 views

CVE-2016-3501

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

6.5CVSS5.7AI score0.01876EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.71 views

CVE-2016-5630

Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB.

4.9CVSS4.9AI score0.00643EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.71 views

CVE-2016-8286

Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges.

3.5CVSS3.8AI score0.00293EPSS
CVE
CVE
added 2018/01/18 2:29 a.m.71 views

CVE-2018-2586

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful atta...

6.8CVSS4.8AI score0.00666EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.70 views

CVE-2005-0711

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

2.1CVSS8.6AI score0.0034EPSS
CVE
CVE
added 2011/01/11 8:0 p.m.70 views

CVE-2010-3679

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.

4CVSS5.7AI score0.04416EPSS
CVE
CVE
added 2011/01/14 7:2 p.m.70 views

CVE-2010-3840

The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line po...

4CVSS5.8AI score0.00763EPSS
CVE
CVE
added 2014/04/16 2:55 a.m.70 views

CVE-2014-2435

Unspecified vulnerability in Oracle MySQL Server 5.6.16 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

4CVSS5.2AI score0.00332EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.70 views

CVE-2015-0511

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.

2.8CVSS5.2AI score0.0043EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.70 views

CVE-2016-0656

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0654.

5.5CVSS4.8AI score0.00134EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.70 views

CVE-2016-0663

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to Performance Schema.

4.7CVSS4.2AI score0.00134EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.70 views

CVE-2016-5628

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: DML.

4.9CVSS4.5AI score0.00678EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.70 views

CVE-2018-2769

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Succ...

4.9CVSS5AI score0.00439EPSS
CVE
CVE
added 2007/03/12 11:19 p.m.69 views

CVE-2007-1420

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort...

2.1CVSS5.7AI score0.00148EPSS
CVE
CVE
added 2012/01/18 10:55 p.m.69 views

CVE-2012-0489

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.

4CVSS4.5AI score0.00765EPSS
CVE
CVE
added 2014/07/17 11:17 a.m.69 views

CVE-2014-4233

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SRREP.

4CVSS5.1AI score0.00803EPSS
CVE
CVE
added 2014/07/17 11:17 a.m.69 views

CVE-2014-4238

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR.

4CVSS5.1AI score0.00803EPSS
CVE
CVE
added 2015/01/21 6:59 p.m.69 views

CVE-2015-0409

Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

4CVSS6.2AI score0.00707EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.69 views

CVE-2015-0439

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

4CVSS4.6AI score0.00924EPSS
CVE
CVE
added 2016/01/21 3:2 a.m.69 views

CVE-2016-0607

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.

2.8CVSS5.5AI score0.00834EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.69 views

CVE-2016-0654

Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to InnoDB, a different vulnerability than CVE-2016-0656.

5.5CVSS4.8AI score0.00134EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.69 views

CVE-2016-0657

Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows local users to affect confidentiality via vectors related to JSON.

5.5CVSS4.6AI score0.00184EPSS
CVE
CVE
added 2016/07/21 10:12 a.m.69 views

CVE-2016-3424

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer.

4.9CVSS5.2AI score0.00805EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.69 views

CVE-2018-2778

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

4.9CVSS5AI score0.00439EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.68 views

CVE-2000-0148

MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.

7.5CVSS7.1AI score0.00443EPSS
CVE
CVE
added 2007/12/10 9:46 p.m.68 views

CVE-2007-6303

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER V...

3.5CVSS9.3AI score0.00522EPSS
CVE
CVE
added 2012/01/18 10:55 p.m.68 views

CVE-2012-0488

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.

4CVSS4.5AI score0.00765EPSS
CVE
CVE
added 2013/07/17 1:41 p.m.68 views

CVE-2013-3796

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

4CVSS5.1AI score0.00717EPSS
CVE
CVE
added 2014/07/17 5:10 a.m.68 views

CVE-2014-2484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.

6.5CVSS5.1AI score0.00834EPSS
CVE
CVE
added 2014/07/17 11:17 a.m.68 views

CVE-2014-4240

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP.

3.6CVSS4.9AI score0.00059EPSS
CVE
CVE
added 2015/04/16 4:59 p.m.68 views

CVE-2015-0507

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.

3.5CVSS5.2AI score0.0047EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.68 views

CVE-2016-5442

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Encryption.

4.9CVSS5.2AI score0.00505EPSS
CVE
CVE
added 2016/07/21 10:14 a.m.68 views

CVE-2016-5443

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection.

4.7CVSS4.8AI score0.00057EPSS
CVE
CVE
added 2016/10/25 2:31 p.m.68 views

CVE-2016-5635

Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Security: Audit.

4.9CVSS4.5AI score0.00374EPSS
CVE
CVE
added 2018/04/19 2:29 a.m.68 views

CVE-2018-2776

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks ...

4.9CVSS5.1AI score0.00439EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.67 views

CVE-2002-1809

The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.

7.5CVSS6.8AI score0.08984EPSS
Total number of security vulnerabilities1325