Total
94 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3676 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement. | |||||
| CVE-2010-3677 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. | |||||
| CVE-2010-3682 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. | |||||
| CVE-2010-3681 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. | |||||
| CVE-2012-0120 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492. | |||||
| CVE-2012-0553 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 7.5 HIGH | N/A |
| Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492. | |||||
| CVE-2010-3840 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points. | |||||
| CVE-2010-3683 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request. | |||||
| CVE-2012-1696 | 2 Mysql, Oracle | 5 Mysql, Mysql Community Server, Mysql Server and 2 more | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2012-0115 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. | |||||
| CVE-2010-3680 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure. | |||||
| CVE-2010-3839 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements. | |||||
| CVE-2012-2749 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index. | |||||
| CVE-2013-1492 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 7.5 HIGH | N/A |
| Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553. | |||||
| CVE-2010-3678 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier. | |||||
| CVE-2012-0118 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113. | |||||
| CVE-2012-0492 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 2.1 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485. | |||||
| CVE-2009-0819 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure. | |||||
| CVE-2007-6304 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 5.0 MEDIUM | N/A |
| The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns. | |||||
| CVE-2006-4226 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.6 LOW | N/A |
| MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. | |||||