CVSS: 4.0EPSS: 1%CPEs: 93EXPL: 0CVE-2012-0119 – mysql: Unspecified vulnerability allows remote authenticated users to affect availability
https://notcve.org/view.php?id=CVE-2012-0119
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL v5.1.x y v5.5.x permite a usuarios remotos autenticados afectar a la disponibilidad de los datos a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a las de los CVEs: CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485 y CVE-2012-0492. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687 http://secunia.com/advisories/48250 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2429 http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.ubuntu.com/usn/USN-1397-1 https://access.redhat.com/security/cve/CVE-2012-0119 https://bugzilla.redhat.com/show_bug.cgi?id=783806 •
CVSS: 4.0EPSS: 1%CPEs: 22EXPL: 0CVE-2012-0495
https://notcve.org/view.php?id=CVE-2012-0495
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL v5.5.x permite a usuarios remotos autenticados afectar a la disponibilidad de los datos a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a las de los siguientes CVEs: CVE-2012-0117, CVE-2012-0486, CVE-2012-0,487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491 y CVE-2012-0493. • http://osvdb.org/78390 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.ubuntu.com/usn/USN-1397-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/72533 •
CVSS: 5.5EPSS: 0%CPEs: 93EXPL: 0CVE-2012-0113 – mysql: Unspecified vulnerability allows remote authenticated users to affect confidentiality and availability
https://notcve.org/view.php?id=CVE-2012-0113
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL v5.1.x y v5.5.x permite a usuarios remotos autenticados afectar a la confidencialidad y a la disponibilidad de los datos a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a la CVE-2012-0118. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687 http://secunia.com/advisories/48250 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.debian.org/security/2012/dsa-2429 http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.ubuntu.com/usn/USN-1397-1 https://access.redhat.com/security/cve/CVE-2012-0113 https://bugzilla.redhat.com/show_bug.cgi?id=783800 •
CVSS: 4.0EPSS: 1%CPEs: 22EXPL: 0CVE-2012-0489
https://notcve.org/view.php?id=CVE-2012-0489
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495. Vulnerabilidad no especificada en el componente MySQL Server de Oracle MySQL v5.5.x permite a usuarios remotos autenticados afectar a la disponibilidad de los datos a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a las de los siguientes CVEs: CVE-2012-0117, CVE-2012-0486, CVE-2012-0,487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493 y CVE-2012-0495. • http://osvdb.org/78387 http://secunia.com/advisories/53372 http://security.gentoo.org/glsa/glsa-201308-06.xml http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.securityfocus.com/bid/51510 http://www.ubuntu.com/usn/USN-1397-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/72530 •
CVSS: 6.0EPSS: 0%CPEs: 86EXPL: 2CVE-2008-7247
https://notcve.org/view.php?id=CVE-2008-7247
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink. sql/sql_table.cc en MySQL v5.0.x hasta la v5.0.88, v5.1.x hasta la v5.1.41, y v6.0 anteriores a v6.0.9-alpha, cuando el directorio de datos "home" contiene un enlace simbólico a un sistema de ficheros diferente, permite a usuarios autenticados remotamente saltar las restricciones de acceso implementadas al invocar CREATE TABLE con un argumento (1) DATA DIRECTORY o (2) INDEX DIRECTORY referido a un subdirectorio que requiera el seguimiento de este enlace simbólico. • http://bugs.mysql.com/bug.php?id=39277 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.mysql.com/commits/59711 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html http://marc.info/?l=oss-security&m=125908040022018&w=2 http://secunia.com/advisories/38517 http://support.apple.com/kb/HT4077 http://ubuntu.com/usn/usn-897-1 http://w • CWE-59: Improper Link Resolution Before File Access ('Link Following') •