Page 43 of 267 results (0.007 seconds)

CVSS: 6.5EPSS: 94%CPEs: 47EXPL: 2

CVE-2012-5611 – MySQL (Linux) - Stack Buffer Overrun (PoC)

https://notcve.org/view.php?id=CVE-2012-5611

Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. Desbordamiento de búfer basado en pila en MySQL v5.5.19, v5.1.53, y posiblemente otras versiones, y MariaDB v5.5.2.x antes de v5.5.28a, v5.3.x antes de v5.3.11, v5.2.x antes de v5.2.13 y v5.1.x antes de v5.1.66, permite a usuarios autenticados remotamente ejecutar código de su elección a través de un argumento largo en el comando GRANT FILE. • https://www.exploit-db.com/exploits/23075 http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html http://lists • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 4.0EPSS: 0%CPEs: 15EXPL: 0

CVE-2012-0574 – mysql: unspecified DoS vulnerability related to Server (CPU Jan 2013)

https://notcve.org/view.php?id=CVE-2012-0574

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Server en Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=135109152819176&w=2 http://rhn.redhat.com/errata/RHSA-2013-0219.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17266 https://access.redhat.com •

CVSS: 9.0EPSS: 0%CPEs: 37EXPL: 0

CVE-2012-3163 – mysql: unspecified vulnerability related to Information Schema (CPU Oct 2012)

https://notcve.org/view.php?id=CVE-2012-3163

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Information Schema. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://secunia.com/advisories/56509 http://secunia.com/advisories/56513 http://security.gentoo.org/glsa/glsa-201308-06.xml http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14907.html http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http:/&# •

CVSS: 4.0EPSS: 0%CPEs: 15EXPL: 0

CVE-2012-3166 – mysql: unspecified DoS vulnerability related to InnoDB (CPU Oct 2012)

https://notcve.org/view.php?id=CVE-2012-3166

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con InnoDB. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.ubuntu.com/usn/USN-1621-1 https://access.redhat.com/security/cve/CVE-2 •

CVSS: 3.5EPSS: 0%CPEs: 14EXPL: 0

CVE-2012-3167 – mysql: unspecified DoS vulnerability related to Server Full Text Search (CPU Oct 2012)

https://notcve.org/view.php?id=CVE-2012-3167

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.63 y anteriores, y v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server Full Text Search. • http://rhn.redhat.com/errata/RHSA-2012-1462.html http://secunia.com/advisories/51177 http://secunia.com/advisories/51309 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2581 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html http://www.ubuntu.com/usn/USN-1621-1 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •