CVSS: 7.5EPSS: 51%CPEs: 14EXPL: 5CVE-2012-5612 – MySQL (Linux) - Heap Overrun (PoC)
https://notcve.org/view.php?id=CVE-2012-5612
03 Dec 2012 — Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET... • https://packetstorm.news/files/id/118551 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 63%CPEs: 47EXPL: 3CVE-2012-5611 – MySQL (Linux) - Stack Buffer Overrun (PoC)
https://notcve.org/view.php?id=CVE-2012-5611
03 Dec 2012 — Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. Desbordamiento de búfer basado en pila en MySQL v5.5.19, v5.1.53, y posiblemente otras versiones, y MariaDB v5.5.2.x antes de v5.5.28a, v5.3.x ante... • https://packetstorm.news/files/id/118550 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2012-0574 – mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2012-0574
25 Oct 2012 — Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to ... • http://marc.info/?l=bugtraq&m=135109152819176&w=2 •
CVSS: 9.8EPSS: 1%CPEs: 37EXPL: 0CVE-2012-3163 – mysql: unspecified vulnerability related to Information Schema (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3163
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos ... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2012-3166 – mysql: unspecified DoS vulnerability related to InnoDB (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3166
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB. Multiple security issues were discovered in MySQL ... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3167 – mysql: unspecified DoS vulnerability related to Server Full Text Search (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3167
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server Full Text Search. Multiple securit... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3173 – mysql: unspecified DoS vulnerability related to InnoDB Plugin (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3173
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB Plugin. Multiple security issues were discov... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 1%CPEs: 14EXPL: 0CVE-2012-3177 – mysql: unspecified Server DoS vulnerability (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3177
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.65 y anteriores, y v5.5.27 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server. Multiple security issues were discovered in MySQL ... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3180 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3180
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.65 y anteriores, y v5.5.27 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server Optimizer. Multiple security issues were ... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3197 – mysql: unspecified DoS vulnerability related to Server Replication (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3197
17 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication. Vulnerabilidad no especificada en el componente de MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios autenticados remotamente afectar a la disponibilidad a través de vectores desconocidos relacionados con Server Replication. Multiple security i... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •