Vulnerabilities > Mysql > Mysql
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0710 | Remote vulnerability in MySQL AB MySQL MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function. | 4.6 |
2005-05-02 | CVE-2005-0709 | Code Injection vulnerability in multiple products MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. | 4.6 |
2004-12-06 | CVE-2004-0628 | Denial Of Service vulnerability in Mysql 4.1.0 Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string. | 10.0 |
2004-12-06 | CVE-2004-0627 | Unspecified vulnerability in Mysql 4.1.0 The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string. | 10.0 |
2004-11-03 | CVE-2004-0835 | Local vulnerability in MySQL MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. | 7.5 |
2004-05-04 | CVE-2004-0381 | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | 2.1 |
2003-12-31 | CVE-2003-1480 | Cryptographic Issues vulnerability in multiple products MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. | 4.3 |
2003-09-22 | CVE-2003-0780 | Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | 9.0 |