Vulnerabilities > Mysql > Mysql > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-17 | CVE-2012-2102 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. | 3.5 |
2012-01-18 | CVE-2012-0075 | Remote MySQL Server vulnerability in Oracle MySQL Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors. | 1.7 |
2012-01-18 | CVE-2012-0112 | Remote MySQL Server vulnerability in Oracle MySQL Server Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. | 3.5 |
2012-01-18 | CVE-2012-0114 | Local Security vulnerability in Oracle MySQL Server Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors. | 3.0 |
2012-01-18 | CVE-2012-0492 | Remote MySQL Server vulnerability in Oracle MySQL Server Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485. | 2.1 |
2010-05-21 | CVE-2010-1626 | Permissions, Privileges, and Access Controls vulnerability in multiple products MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | 3.6 |
2008-10-06 | CVE-2008-4456 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. | 2.6 |
2007-12-10 | CVE-2007-6303 | Privilege Escalation And Denial Of Service vulnerability in MySQL Server MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement. | 3.5 |
2007-05-16 | CVE-2007-2693 | Information Disclosure vulnerability in MySQL Alter Table Function MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement. | 3.5 |
2007-03-12 | CVE-2007-1420 | Remote Denial Of Service vulnerability in MySQL Single Row SubSelect MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function. | 2.1 |