Lucene search

K

5 matches found

CVE
CVE
added 2019/02/04 8:29 a.m.751 views

CVE-2019-7317

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

5.3CVSS6.3AI score0.00431EPSS
CVE
CVE
added 2007/05/10 12:19 a.m.122 views

CVE-2007-2583

The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.

4CVSS5.8AI score0.0242EPSS
CVE
CVE
added 2010/07/13 8:30 p.m.86 views

CVE-2010-2008

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA ...

3.5CVSS6.2AI score0.04623EPSS
CVE
CVE
added 2004/11/03 5:0 a.m.72 views

CVE-2004-0835

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.

7.5CVSS6AI score0.03649EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.42 views

CVE-2002-0969

Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.

7.8CVSS7.9AI score0.00103EPSS