Vulnerabilities > Mysql

DATE CVE VULNERABILITY TITLE RISK
2004-11-03 CVE-2004-0835 Local vulnerability in MySQL
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
network
low complexity
mysql oracle debian
7.5
2004-05-04 CVE-2004-0381 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
local
low complexity
mysql oracle
2.1
2003-12-31 CVE-2003-1480 Cryptographic Issues vulnerability in multiple products
MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
network
mysql oracle CWE-310
4.3
2003-09-22 CVE-2003-0780 Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
network
low complexity
mysql oracle conectiva
critical
9.0
2001-10-02 CVE-2001-1255 WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
local
low complexity
mysql oracle
4.6