CVSS: 3.5EPSS: 0%CPEs: 7EXPL: 0CVE-2012-5096
https://notcve.org/view.php?id=CVE-2012-5096
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.5.28 y anteriores permite a usuarios remotos autenticados con los privilegios en el servidor afectar a la disponibilidad a través de vectores desconocidos. • http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16877 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2013-0375 – mysql: Unspecified vulnerability in the server replication of the Oracle MySQL server allows remote attackers to alter confidentiality and integrity
https://notcve.org/view.php?id=CVE-2013-0375
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.1.28 y anteriores, permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad a través de vectores desconocidos relacionados con los servidores de replicación (Replication Server). • http://rhn.redhat.com/errata/RHSA-2013-0219.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17175 https://access.redhat.com/security/cve/CVE-2013-0375 https://bugzilla.redhat.com& •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2013-0384 – mysql: unspecified DoS vulnerability related to Information Schema (CPU Jan 2013)
https://notcve.org/view.php?id=CVE-2013-0384
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.1.66 y anteriores y v5.5.28 y anteriores, permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos relacionados con los esquemas de información. • http://rhn.redhat.com/errata/RHSA-2013-0219.html http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16632 https://access.redhat.com/security/cve/CVE-2013-0384 https://bugzilla.redhat.com& •
CVSS: 4.0EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0371
https://notcve.org/view.php?id=CVE-2013-0371
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM. Una vulnerabilidad no especificada en el componente Servidor de Oracle MySQL v5.5.28 y anteriores permite a usuarios remotos autenticados afectar a la disponibilidad. Se trata de un problema relacionado con MyISAM. • http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html http://www.ubuntu.com/usn/USN-1703-1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16451 •
CVSS: 5.0EPSS: 5%CPEs: 5EXPL: 2CVE-2012-5615 – MySQL - Remote User Enumeration
https://notcve.org/view.php?id=CVE-2012-5615
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames. MySQL v5.5.19 y posiblemente otras versiones, y MariaDB v5.5.28a, v5.3.11, v5.2.13, v5.1.66, y posiblemente con otras versiones, generan mensajes de error diferentes con retardos de tiempo diferentes dependiendo de si existe un nombre de usuario, lo que permite atacantes remotos para enumerar los nombres de usuario válidos. Oracle MySQL suffers from a user enumeration vulnerability. This is a utility that demonstrates the issue. • https://www.exploit-db.com/exploits/23081 https://www.exploit-db.com/exploits/23073 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html http://seclists.org/fulldisclosure/2012/Dec/9 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.mandriva.com/security/advisories?name=MDVSA-2013:102 http://www.openwall.com/lists/oss-security/2012/12/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •