Vulnerabilities > Mysql
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-01-14 | CVE-2010-3837 | Resource Management Errors vulnerability in multiple products MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object. | 4.0 |
| 2011-01-14 | CVE-2010-3836 | Resource Management Errors vulnerability in multiple products MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers. | 4.0 |
| 2011-01-14 | CVE-2010-3835 | Numeric Errors vulnerability in multiple products MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table. | 4.0 |
| 2011-01-14 | CVE-2010-3834 | Denial Of Service vulnerability in Oracle MySQL Prior to 5.1.51 Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments." | 4.0 |
| 2011-01-14 | CVE-2010-3833 | Resource Management Errors vulnerability in multiple products MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... | 5.0 |
| 2011-01-11 | CVE-2010-3683 | Denial Of Service vulnerability in Oracle MySQL 'LOAD DATA INFILE' Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request. | 4.0 |
| 2011-01-11 | CVE-2010-3682 | Denial Of Service vulnerability in Oracle MySQL 'EXPLAIN' Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... | 4.0 |
| 2011-01-11 | CVE-2010-3681 | Denial Of Service vulnerability in Oracle MySQL 'HANDLER' interface Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. | 4.0 |
| 2011-01-11 | CVE-2010-3680 | Denial Of Service vulnerability in Oracle MySQL 'TEMPORARY InnoDB' Tables Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure. | 4.0 |
| 2011-01-11 | CVE-2010-3679 | Resource Management Errors vulnerability in multiple products Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind. | 4.0 |