CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2015-5064 – MySQL Lite Administrator Beta 1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2015-5064
22 Jun 2015 — Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name parameter to (1) tabella.php, (2) coloni.php, or (3) insert.php or (4) num_row parameter to coloni.php. Múltiples vulnerabilidades de XSS en MySql Lite Administrator (mysql-lite-administrator) beta-1 permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través del parámetro table_name... • https://packetstorm.news/files/id/132420 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2575 – Debian Security Advisory 3621-1
https://notcve.org/view.php?id=CVE-2015-2575
16 Apr 2015 — Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J. Vulnerabilidad no especificada en el componente MySQL Connectors en Oracle MySQL 5.1.34 y anteriores permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos relacionados con Connector/J. A vulnerability was discovered in mysql-connector-java, a Java dat... • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-1466
https://notcve.org/view.php?id=CVE-2014-1466
15 Jan 2014 — SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page. Vulnerabilidad de inyección de SQL en CSP MySQL User Manager 2.3 permite a atacantes remotos ejecutar comandos de SQL arbitrarios a través del campo de login de la página de inicio de sesión. • http://osvdb.org/101867 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 107EXPL: 0CVE-2013-1492 – MySQL yaSSL Heap Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1492
28 Mar 2013 — Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553. Desbordamiento de búfer en yaSSL, como se usa en MySQL v5.1.x hasta 5.1.68 y en v5.5.x antes de v5.5.30, tiene un impacto no especificado y vectores de ataque, una vulnerabilidad diferente a CVE-2012-0553. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MySQL with yaSSL. Authenticat... • http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 105EXPL: 0CVE-2012-0553 – Gentoo Linux Security Advisory 201308-06
https://notcve.org/view.php?id=CVE-2012-0553
28 Mar 2013 — Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492. Desbordamiento de búfer en yaSSL, usado en MySQL v5.1.x antes de v5.1.68 y v5.5.x antes de v5.5.28, tiene un impacto no especificado y vectores de ataque, una vulnerabilidad diferente a CVE-2013-1492. Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service. Versions l... • http://dev.mysql.com/doc/relnotes/mysql/5.1/en/news-5-1-68.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 92EXPL: 0CVE-2012-0882
https://notcve.org/view.php?id=CVE-2012-0882
21 Dec 2012 — Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether... • http://www.openwall.com/lists/oss-security/2012/02/24/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 85EXPL: 3CVE-2009-5026 – Oracle MySQL < 5.1.50 - Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-5026
17 Aug 2012 — The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments. La característica de comentarios ejecutables en MySQL v5.0.x antes de v5.0.93 y v5.1.x antes de v5.1.50, cuando se ejecuta con ciertas configuraciones de esclavos en la que el esclavo está ejecutando una versión más reciente que el maestro,... • https://www.exploit-db.com/exploits/34796 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 92EXPL: 1CVE-2012-2102 – mysql: Server crash on HANDLER READ NEXT after DELETE
https://notcve.org/view.php?id=CVE-2012-2102
17 Aug 2012 — MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. MySQL v5.1.x antes de v5.1.62 y v5.5.x antes de v5.5.22 permite a usuarios remotos autenticados provocar una denegación de servicio (error de aserción y parada no ordenada de mysqld) mediante la supresión de un registro y usando 'HANDLER READ NEXT'. Multiple vulnerabilities have been found in MySQL, allowing at... • http://bazaar.launchpad.net/~mysql/mysql-server/5.5/revision/3097.15.15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 95EXPL: 0CVE-2012-2749 – mysql: crash caused by wrong calculation of key length for sort order index
https://notcve.org/view.php?id=CVE-2012-2749
17 Aug 2012 — MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index. MySQL v5.1.x antes de v5.1.63 y v5.5.x antes de v5.5.24 permite a usuarios remotos autenticados causar una denegación de servicio (por caída de mysqld) a través de vectores relacionados con un cálculo incorrecto y un índice de orden de clasificación. Multiple vulnerabilities have been found in MySQL, allowing atta... • http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 262EXPL: 0CVE-2012-1696 – Gentoo Linux Security Advisory 201308-06
https://notcve.org/view.php?id=CVE-2012-1696
03 May 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente de servidor MySQL en Oracle MySQL v5.5.19 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Optimizador de servidor. Multiple vulnerabilities have been found in MySQL, allowing attac... • http://secunia.com/advisories/48890 •