CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 3CVE-2007-1420 – MySQL 5.0.x - Single Row SubSelect Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-1420
12 Mar 2007 — MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function. MySQL versión 5.x anterior a 5.0.36, permite a los usuarios locales causar una denegación de servicio (bloqueo de base de datos) al realizar subselecciones de la tabla information_schema y utilizar ORDE... • https://www.exploit-db.com/exploits/29724 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 95EXPL: 3CVE-2006-4226 – mysql-server create database privilege escalation
https://notcve.org/view.php?id=CVE-2006-4226
18 Aug 2006 — MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. MySQL anteriores a 4.1.21, 5.0 anterior a 5.0.25, y 5.1 anteriores a 5.1.12, cuando se ejecutan en sistemas de fichero sensibles al uso de mayúsculas o minúscular, permite a usuarios autenticados remotamente crear o acceder a una base de datos cuando ... • http://bugs.mysql.com/bug.php?id=17647 •
CVSS: 9.1EPSS: 0%CPEs: 151EXPL: 1CVE-2006-4031 – MySQL improper permission revocation
https://notcve.org/view.php?id=CVE-2006-4031
09 Aug 2006 — MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. MySQL 4.1 anterior a 4.1.21 y 5.0 anterior a 5.0.24 permite a usuarios locales acceder a una tabla a través de una tabla MERGE previamente creada, incluso después de que los privilegios del usuario han sido revocados para la tabla original, lo cual podría violar la polít... • http://bugs.mysql.com/bug.php?id=15195 •
CVSS: 9.1EPSS: 83%CPEs: 71EXPL: 1CVE-2006-1516 – MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage
https://notcve.org/view.php?id=CVE-2006-1516
05 May 2006 — The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. Stefano Di Paola... • https://www.exploit-db.com/exploits/1742 •
CVSS: 7.5EPSS: 9%CPEs: 71EXPL: 0CVE-2006-1517 – Debian Linux Security Advisory 1071-1
https://notcve.org/view.php?id=CVE-2006-1517
05 May 2006 — sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. Stefano Di Paola discovered an information leak in the login packet parser. By sending a specially crafted malformed login packet, a remote attacker could exploit this to read a random piece of memory, which could potentially reveal sensitive data. Stefa... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939 •
CVSS: 9.1EPSS: 0%CPEs: 133EXPL: 1CVE-2006-0903 – MySQL 5.0.18 - Query Logging Bypass
https://notcve.org/view.php?id=CVE-2006-0903
27 Feb 2006 — MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query. Several vulnerabilities have been discovered in MySQL, a popular SQL database. • https://www.exploit-db.com/exploits/27326 •
CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2005-2573
https://notcve.org/view.php?id=CVE-2005-2573
16 Aug 2005 — The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html •
CVSS: 8.8EPSS: 14%CPEs: 38EXPL: 0CVE-2005-2558 – Mandriva Linux Security Advisory 2005.163
https://notcve.org/view.php?id=CVE-2005-2558
16 Aug 2005 — Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. A stack-based buffer overflow in the init_syms function of MySQL, a popular database, has been discovered that allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field. The ability to... • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.18.1/SCOSA-2006.18.1.txt •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2005-1636
https://notcve.org/view.php?id=CVE-2005-1636
17 May 2005 — mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents. • http://marc.info/?l=full-disclosure&m=111632686805498&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 3CVE-2005-0711 – MySQL 4.x - CREATE Temporary TABLE Symlink Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-0711
11 Mar 2005 — MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. Debian Security Advisory 707-1. Multiple issues with MySQL, including: incorrect privilege handling (users get illegitimate access to databases named similarly to those they have legitimate access to), arbitrary command execution for any user that has been granted INSERT and DELETE righ... • https://www.exploit-db.com/exploits/25211 •