CVSS: 6.5EPSS: 1%CPEs: 130EXPL: 0CVE-2010-3837 – MySQL: crash when group_concat and "with rollup" in prepared statements (MySQL Bug#54476)
https://notcve.org/view.php?id=CVE-2010-3837
14 Jan 2011 — MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object. MySQL v5.0 antes de v5.0.92, v5.1 antes de v5.1.51, y v5.5 antes de v5.5.6 permiten a usuarios remotos autenticados causar una denegación de servicio (por caída del s... • http://bugs.mysql.com/bug.php?id=54476 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 1%CPEs: 130EXPL: 0CVE-2010-3838 – MySQL: crash with LONGBLOB and union or update with subquery (MySQL Bug#54461)
https://notcve.org/view.php?id=CVE-2010-3838
14 Jan 2011 — MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table." MySQL v5.0 antes de v5.0.92, v5.1 antes de v5.1.51, y v5.5 antes de v5.5.6 permite a usuarios remotos autenticados causar una denegación de serv... • http://bugs.mysql.com/bug.php?id=54461 •
CVSS: 6.5EPSS: 1%CPEs: 65EXPL: 0CVE-2010-3839 – MySQL: server hangs during JOIN query in stored procedures called twice in a row (MySQL Bug#53544)
https://notcve.org/view.php?id=CVE-2010-3839
14 Jan 2011 — MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements. MySQL v5.1 antes de v5.1.51 y v5.5 antes de v5.5.6 permite a usuarios remotos autenticados causar una denegación de servicio (por un bucle infinito) a través de varias invocaciones de (1) un procedimiento preparado o (2) un procedimiento almacenado que crea una... • http://bugs.mysql.com/bug.php?id=53544 •
CVSS: 6.5EPSS: 1%CPEs: 59EXPL: 0CVE-2010-3840 – MySQL: crash when loading data into geometry function PolyFromWKB() (MySQL Bug#51875)
https://notcve.org/view.php?id=CVE-2010-3840
14 Jan 2011 — The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points. La función Gis_line_string::init_from_wkb en el archivo sql/spatial.cc en MySQL versiones 5.1 anteriores a 5.1.51, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del s... • http://bugs.mysql.com/bug.php?id=51875 •
CVSS: 6.5EPSS: 2%CPEs: 56EXPL: 4CVE-2010-3676 – Oracle MySQL < 5.1.49 - 'DDL' Statements Denial of Service
https://notcve.org/view.php?id=CVE-2010-3676
11 Jan 2011 — storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement. El archivo storage/innobase/dict/dict0crea.c en mysqld en MySQL de Oracle versiones 5.1 anteriores a 5.1.49, permite a los usuarios autenticados remotos causar una denegación de servicio (fallo ... • https://www.exploit-db.com/exploits/34522 •
CVSS: 6.5EPSS: 1%CPEs: 116EXPL: 2CVE-2010-3677 – MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)
https://notcve.org/view.php?id=CVE-2010-3677
11 Jan 2011 — Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.0 anteriores a 5.0.92, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio de mysqld) por medio de una consulta join que utiliza una tabla con una columna SET única. • http://bugs.mysql.com/bug.php?id=54575 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 5%CPEs: 56EXPL: 4CVE-2010-3678 – Oracle MySQL < 5.1.49 - 'WITH ROLLUP' Denial of Service
https://notcve.org/view.php?id=CVE-2010-3678
11 Jan 2011 — Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. MySQL de Oracle versiones 5.1 anteriores a 5.1.49, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) por medio de operaciones (1) IN o (2) CASE con argumentos NULL que son especificados explícitamente o indirectamente proporcionados por... • https://www.exploit-db.com/exploits/15467 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 3%CPEs: 56EXPL: 3CVE-2010-3679 – Oracle MySQL < 5.1.49 - Malformed 'BINLOG' Arguments Denial of Service
https://notcve.org/view.php?id=CVE-2010-3679
11 Jan 2011 — Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind. Oracle MySQL 5.1 ersiones anteriores a la 5.1.49 permite a los usuarios autenticados remotos provocar una denegación de servicio (bloqueo del demonio mysqld) a través de ciertos argumentos al comando BINLOG, que desencadena un acceso a la memoria no inicializada, como lo ... • https://www.exploit-db.com/exploits/34521 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 4%CPEs: 56EXPL: 3CVE-2010-3680 – MySQL 5.1.48 - 'Temporary InnoDB' Tables Denial of Service
https://notcve.org/view.php?id=CVE-2010-3680
11 Jan 2011 — Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure. MySQL de Oracle versiones 5.1 anteriores a 5.1.49, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio mysqld) mediante la creación de tablas temporales con columnas que aceptan valores NULL mientras se utiliza InnoDB, que desencadena un fal... • https://www.exploit-db.com/exploits/34505 •
CVSS: 6.5EPSS: 5%CPEs: 61EXPL: 4CVE-2010-3681 – Oracle MySQL 5.1.48 - 'HANDLER' Interface Denial of Service
https://notcve.org/view.php?id=CVE-2010-3681
11 Jan 2011 — Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. MySQL de Oracle versiones 5.1 anteriores a 5.1.49 y versiones 5.5 anteriores a 5.5.5, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo del demonio mysqld) mediante la interfaz HANDLER y realizar "alternate r... • https://www.exploit-db.com/exploits/34520 •