CVSS: 8.1EPSS: 0%CPEs: 27EXPL: 0CVE-2012-3149
https://notcve.org/view.php?id=CVE-2012-3149
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client. Vulnerabilidad no especificada en el componente de MySQL Server v5.5.26 y anteriores de Oracle MySQL, permite a usuarios remotos autenticados afectar a la confidencialidad, relacionado con MySQL Client. • http://secunia.com/advisories/51177 •
CVSS: 9.8EPSS: 1%CPEs: 27EXPL: 0CVE-2012-3147
https://notcve.org/view.php?id=CVE-2012-3147
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client. Vulnerabilidad no especificada en el componente de MySQL Server v5.5.26 y anteriores de Oracle MySQL, permite a usuarios remotos autenticados afectar a la integridad y disponibilidad, relacionado con MySQL Client. • http://secunia.com/advisories/51177 •
CVSS: 9.1EPSS: 0%CPEs: 25EXPL: 0CVE-2012-3156
https://notcve.org/view.php?id=CVE-2012-3156
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.5.25 y anteriores, permite a usuarios remotos autenticados a afectar la disponibilidad a través de vectores desconocidos relacionados con Server. • http://secunia.com/advisories/51177 •
CVSS: 7.4EPSS: 0%CPEs: 27EXPL: 0CVE-2012-3144
https://notcve.org/view.php?id=CVE-2012-3144
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. Vulnerabilidad no especificada en el componente MySQL Serve en Oracle MySQL v5.5.26 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad mediante vectores relacionados con Server. • http://secunia.com/advisories/51177 •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3150 – mysql: unspecified DoS vulnerability related to Server Optimizer (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3150
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Vulnerabilidad no especificada en el componente de MySQL Server de Oracle MySQL v5.1.64 y anteriores y 5.5.26 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con el Server Optimizer. Multiple vulnerabilities h... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3158 – mysql: unspecified vulnerability related to the MySQL Protocol (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3158
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.64 y anteriores, y v5.5.26 y anteriores, permite a usuarios remotos autenticados a afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Pro... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2012-3160 – mysql: unspecified vulnerability in Server Installation leading to information disclosure (CPU Oct 2012)
https://notcve.org/view.php?id=CVE-2012-3160
16 Oct 2012 — Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation. Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL v5.1.65 y anteriores, y v5.5.27 y anteriores, permite a usuarios locales a afectar la confidencialidad a través de vectores desconocidos relacionados con Server Installation. Multiple vulnerabilities have been found in MyS... • http://rhn.redhat.com/errata/RHSA-2012-1462.html •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2012-5383 – IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL
https://notcve.org/view.php?id=CVE-2012-5383
11 Oct 2012 — Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 S... • https://www.exploit-db.com/exploits/28130 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4452 – mysql: regression of CVE-2009-4030
https://notcve.org/view.php?id=CVE-2012-4452
09 Oct 2012 — MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home ... • http://rhn.redhat.com/errata/RHSA-2013-0121.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 85EXPL: 3CVE-2009-5026 – Oracle MySQL < 5.1.50 - Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-5026
17 Aug 2012 — The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments. La característica de comentarios ejecutables en MySQL v5.0.x antes de v5.0.93 y v5.1.x antes de v5.1.50, cuando se ejecuta con ciertas configuraciones de esclavos en la que el esclavo está ejecutando una versión más reciente que el maestro,... • https://www.exploit-db.com/exploits/34796 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •