CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2013-0385 – mysql: Unspecified vulnerability in the server replication of the Oracle MySQL server allows local attackers to alter confidentiality and integrity
https://notcve.org/view.php?id=CVE-2013-0385
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios locales afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con un servidor de replicación (Replication Server).... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 0CVE-2013-0389 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2013-0389
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el optimizador del servidor Multiple security issues we... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-0572 – mysql: unspecified DoS vulnerability related to InnoDB (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-0572
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con InnoDB. Multiple security issues were discovered in MySQL and this update ... • http://rhn.redhat.com/errata/RHSA-2013-0219.html •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2012-0578 – Gentoo Linux Security Advisory 201308-06
https://notcve.org/view.php?id=CVE-2012-0578
17 Jan 2013 — Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con "Server Optimizer". Multiple security issues were discovered in MySQL and this update includes new upstream My... • http://secunia.com/advisories/53372 •
CVSS: 9.8EPSS: 8%CPEs: 92EXPL: 0CVE-2012-0882
https://notcve.org/view.php?id=CVE-2012-0882
21 Dec 2012 — Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether... • http://www.openwall.com/lists/oss-security/2012/02/24/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 62%CPEs: 47EXPL: 3CVE-2012-5611 – MySQL (Linux) - Stack Buffer Overrun (PoC)
https://notcve.org/view.php?id=CVE-2012-5611
03 Dec 2012 — Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. Desbordamiento de búfer basado en pila en MySQL v5.5.19, v5.1.53, y posiblemente otras versiones, y MariaDB v5.5.2.x antes de v5.5.28a, v5.3.x ante... • https://packetstorm.news/files/id/118550 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 7%CPEs: 9EXPL: 3CVE-2012-5614 – MySQL - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2012-5614
03 Dec 2012 — Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements. MySQL v5.5.19 y posiblemente otras versiones, y MariaDB v5.5.28a y posiblemente otras versiones, permiten a usuarios remotos autenticados provocar una denegación de servicio (caída de mysqld) a través de un comando SELE... • https://packetstorm.news/files/id/118553 •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-0574 – mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-0574
25 Oct 2012 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to ... • http://marc.info/?l=bugtraq&m=135109152819176&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 37EXPL: 0CVE-2012-3163 – mysql: unspecified vulnerability related to Information Schema (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3163
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos ... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2012-3166 – mysql: unspecified DoS vulnerability related to InnoDB (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3166
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB. Multiple security issues were discovered in MySQL ... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •