Vulnerabilities > Mysql > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-17 | CVE-2012-2102 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. | 3.5 |
2012-01-18 | CVE-2012-0075 | Remote MySQL Server vulnerability in Oracle MySQL Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors. | 1.7 |
2012-01-18 | CVE-2012-0112 | Remote MySQL Server vulnerability in Oracle MySQL Server Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. | 3.5 |
2012-01-18 | CVE-2012-0114 | Local Security vulnerability in Oracle MySQL Server Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors. | 3.0 |
2012-01-18 | CVE-2012-0492 | Remote MySQL Server vulnerability in Oracle MySQL Server Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485. | 2.1 |
2010-05-21 | CVE-2010-1626 | Permissions, Privileges, and Access Controls vulnerability in multiple products MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. | 3.6 |
2008-10-06 | CVE-2008-4456 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. | 2.6 |
2007-12-10 | CVE-2007-6303 | Privilege Escalation And Denial Of Service vulnerability in MySQL Server MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement. | 3.5 |
2007-07-15 | CVE-2007-3782 | Permissions, Privileges, and Access Controls vulnerability in Mysql Community Server 5.0.41/5.0.44 MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table. | 3.5 |
2007-05-16 | CVE-2007-2693 | Information Disclosure vulnerability in MySQL Alter Table Function MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement. | 3.5 |