Vulnerabilities > Mariadb > Medium

DATE CVE VULNERABILITY TITLE RISK
2012-07-17 CVE-2012-1734 Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
network
low complexity
oracle mariadb redhat
4.0
2012-07-17 CVE-2012-1689 Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
network
low complexity
oracle mariadb redhat
4.0
2012-07-17 CVE-2012-0540 Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
network
low complexity
oracle mariadb redhat
4.0
2012-06-26 CVE-2012-2122 Improper Authentication vulnerability in multiple products
sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
network
high complexity
oracle mariadb CWE-287
5.1
2012-05-03 CVE-2012-1703 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
network
low complexity
oracle redhat mariadb
6.8
2012-05-03 CVE-2012-1697 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
network
low complexity
oracle mariadb
4.0
2012-05-03 CVE-2012-1690 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.
network
low complexity
oracle mariadb redhat
4.0
2012-05-03 CVE-2012-1688 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
network
low complexity
oracle mariadb redhat
4.0
2005-04-14 CVE-2005-0004 Link Following vulnerability in multiple products
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
local
low complexity
oracle debian mariadb CWE-59
4.6