CVSS: 8.8EPSS: 0%CPEs: 77EXPL: 0CVE-2012-4414 – Ubuntu Security Notice USN-1807-1
https://notcve.org/view.php?id=CVE-2012-4414
22 Jan 2013 — Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete. Múltiples vulnerabilidades de inyección SQL en el código de replicación de... • http://bugs.mysql.com/bug.php?id=66550 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.4EPSS: 0%CPEs: 27EXPL: 0CVE-2012-3144 – Ubuntu Security Notice USN-1621-1
https://notcve.org/view.php?id=CVE-2012-3144
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. Vulnerabilidad no especificada en el componente MySQL Serve en Oracle MySQL v5.5.26 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad mediante vectores relacionados con Server. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these iss... • http://secunia.com/advisories/51177 •
CVSS: 9.8EPSS: 0%CPEs: 27EXPL: 0CVE-2012-3147 – Ubuntu Security Notice USN-1621-1
https://notcve.org/view.php?id=CVE-2012-3147
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client. Vulnerabilidad no especificada en el componente de MySQL Server v5.5.26 y anteriores de Oracle MySQL, permite a usuarios remotos autenticados afectar a la integridad y disponibilidad, relacionado con MySQL Client. Updated mariadb packages includes fixes for the following security Unspecified vulnerability in the MySQL Server compone... • http://secunia.com/advisories/51177 •
CVSS: 8.1EPSS: 0%CPEs: 27EXPL: 0CVE-2012-3149 – Ubuntu Security Notice USN-1621-1
https://notcve.org/view.php?id=CVE-2012-3149
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client. Vulnerabilidad no especificada en el componente de MySQL Server v5.5.26 y anteriores de Oracle MySQL, permite a usuarios remotos autenticados afectar a la confidencialidad, relacionado con MySQL Client. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL ha... • http://secunia.com/advisories/51177 •
CVSS: 9.1EPSS: 0%CPEs: 25EXPL: 0CVE-2012-3156 – Ubuntu Security Notice USN-1621-1
https://notcve.org/view.php?id=CVE-2012-3156
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versi... • http://secunia.com/advisories/51177 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4452 – mysql: regression of CVE-2009-4030
https://notcve.org/view.php?id=CVE-2012-4452
09 Oct 2012 — MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home ... • http://rhn.redhat.com/errata/RHSA-2013-0121.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 262EXPL: 0CVE-2012-1696 – Gentoo Linux Security Advisory 201308-06
https://notcve.org/view.php?id=CVE-2012-1696
03 May 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente de servidor MySQL en Oracle MySQL v5.5.19 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Optimizador de servidor. Multiple vulnerabilities have been found in MySQL, allowing attac... • http://secunia.com/advisories/48890 •
CVSS: 9.1EPSS: 0%CPEs: 89EXPL: 0CVE-2012-0583 – mysql: unspecified DoS vulnerability in MyISAM (Oracle CPU April 2012)
https://notcve.org/view.php?id=CVE-2012-0583
03 May 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.60 y anteriores, y v5.5.19 y anteriores, que permite a usuarios remotos autenticados afectar la disponibilidad, relacionado con MyISAM. Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed b... • http://secunia.com/advisories/48890 •
CVSS: 6.5EPSS: 1%CPEs: 116EXPL: 2CVE-2010-3677 – MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)
https://notcve.org/view.php?id=CVE-2010-3677
09 Nov 2010 — Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio de mysqld) por medio de una consulta join que utiliza una tabla con una columna SET única. Multiple vulnerabilities has been fo... • http://bugs.mysql.com/bug.php?id=54575 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 116EXPL: 4CVE-2010-3682 – MySQL 5.1.48 - 'EXPLAIN' Denial of Service
https://notcve.org/view.php?id=CVE-2010-3682
09 Nov 2010 — Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio ... • https://www.exploit-db.com/exploits/34506 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •