Page 38 of 197 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 42EXPL: 0

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369735 http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.mysql.com/announce/364 http://secunia.com/advisories/20365 http://secunia.com/advisories/20489 http://secunia.com/advisories/20531 http://secunia.com/advisories/20541 http://secunia.com/advisories/20562 http://secunia.com/advisories/20625 http://secunia.com/advisories/20712 http:&# •

CVSS: 5.0EPSS: 37%CPEs: 71EXPL: 0

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365939 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20002 http://secunia.com/advisories/20073 http://secunia.com/advisories/20076 http://secun •

CVSS: 5.0EPSS: 81%CPEs: 71EXPL: 1

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. • https://www.exploit-db.com/exploits/1742 http://bugs.debian.org/365938 http://dev.mysql.com/doc/refman/5.0/en/news-5-0-21.html http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0011.html http://secunia.com/advisories/19929 http://secunia.com/advisories/20002 http://secunia.com/advisories/20073 http://secunia.com/advisories/20 •

CVSS: 4.6EPSS: 0%CPEs: 133EXPL: 1

MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query. • https://www.exploit-db.com/exploits/27326 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0653.html http://bugs.mysql.com/bug.php?id=17667 http://rst.void.ru/papers/advisory39.txt http://secunia.com/advisories/19034 http://secunia.com/advisories/19502 http://secunia.com/advisories/19814 http://secunia.com/advisories/20241 http://secunia.com/advisories/20253 http://secunia.com/advisories/20333 http://secunia.com/advisories/20625 http://secunia.com/advisories& •

CVSS: 5.0EPSS: 0%CPEs: 38EXPL: 0

The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035847.html http://marc.info/?l=bugtraq&m=112360618320729&w=2 http://mysql.bkbits.net:8080/mysql-4.0/cset%40428b981bg2iwh3CbGANDaF-W6DbttA http://mysql.bkbits.net:8080/mysql-4.0/gnupatch%40428b981bg2iwh3CbGANDaF-W6DbttA http://www.appsecinc.com/resources/alerts/mysql/2005-001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21738 •