This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 1998-12-27
Product Mysql Last view 2024-10-15
Version Type
Update  
Edition  
Language  
Software Edition
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Distribution per Version

CPE Name Affected CVE
cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:* 1213
cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:* 1212
cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:* 1211
cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:* 1211
cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:* 1210
cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:* 1210
cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:* 1210
cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:* 1210
cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:* 1210
cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:* 1210
cpe:2.3:a:oracle:mysql:5.1.5:-:*:*:*:*:*:* 1209
cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:* 1208
cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:* 1208
cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:* 1208
cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:* 1207
cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:* 1206
cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:* 1206
cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:* 1205
cpe:2.3:a:oracle:mysql:5.1.23:-:*:*:*:*:*:* 1203
cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.0.1:-:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.0.2:-:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.0.4:-:*:*:*:*:*:* 1201
cpe:2.3:a:oracle:mysql:5.1.32:-:*:*:*:*:*:* 1200
cpe:2.3:a:oracle:mysql:5.0.3:-:*:*:*:*:*:* 1199
cpe:2.3:a:oracle:mysql:5.1.31:-:*:*:*:*:*:* 1198
cpe:2.3:a:oracle:mysql:5.1.33:*:*:*:*:*:*:* 1197
cpe:2.3:a:oracle:mysql:5.1.34:-:*:*:*:*:*:* 1197
cpe:2.3:a:oracle:mysql:5.1.36:*:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.39:*:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.0.15:-:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.0.16:-:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.23:a:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.0.17:-:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.40:*:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.37:-:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.35:*:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.38:*:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.0.10:-:*:*:*:*:*:* 1196
cpe:2.3:a:oracle:mysql:5.1.29:*:*:*:*:*:*:* 1195
cpe:2.3:a:oracle:mysql:5.1.24:*:*:*:*:*:*:* 1195
cpe:2.3:a:oracle:mysql:5.1.25:*:*:*:*:*:*:* 1195
cpe:2.3:a:oracle:mysql:5.1.26:*:*:*:*:*:*:* 1195
cpe:2.3:a:oracle:mysql:5.0.5:-:*:*:*:*:*:* 1195
cpe:2.3:a:oracle:mysql:5.1.27:*:*:*:*:*:*:* 1195

Related : CVE

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2024-10-15 CVE-2024-21272

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).

6.5 2024-10-15 CVE-2024-21262

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).

0 2024-10-15 CVE-2024-21247

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Client accessible data as well as unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).

2.2 2024-10-15 CVE-2024-21244

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).

2.2 2024-10-15 CVE-2024-21243

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N).

4.9 2024-10-15 CVE-2024-21241

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-10-15 CVE-2024-21239

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

5.3 2024-10-15 CVE-2024-21238

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.39 and prior, 8.4.1 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

2.2 2024-10-15 CVE-2024-21237

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).

4.9 2024-10-15 CVE-2024-21236

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

0 2024-10-15 CVE-2024-21232

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).

0 2024-10-15 CVE-2024-21231

Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).

0 2024-10-15 CVE-2024-21230

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-10-15 CVE-2024-21219

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

0 2024-10-15 CVE-2024-21218

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.2 2024-10-15 CVE-2024-21213

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).

4.4 2024-10-15 CVE-2024-21212

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supported versions that are affected are 8.0.39 and prior and 8.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

0 2024-10-15 CVE-2024-21209

Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 2.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N).

0 2024-10-15 CVE-2024-21207

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.38 and prior, 8.4.1 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

0 2024-10-15 CVE-2024-21204

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.4.0 and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-10-15 CVE-2024-21203

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-10-15 CVE-2024-21201

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

0 2024-10-15 CVE-2024-21200

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-10-15 CVE-2024-21199

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-10-15 CVE-2024-21198

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CWE : Common Weakness Enumeration

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
% id Name
12% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (7) CWE-399 Resource Management Errors
8% (7) CWE-264 Permissions, Privileges, and Access Controls
7% (6) CWE-59 Improper Link Resolution Before File Access ('Link Following')
7% (6) CWE-20 Improper Input Validation
4% (4) CWE-200 Information Exposure
3% (3) CWE-787 Out-of-bounds Write
3% (3) CWE-476 NULL Pointer Dereference
3% (3) CWE-416 Use After Free
3% (3) CWE-134 Uncontrolled Format String
2% (2) CWE-284 Access Control (Authorization) Issues
2% (2) CWE-190 Integer Overflow or Wraparound
2% (2) CWE-189 Numeric Errors
2% (2) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
1% (1) CWE-665 Improper Initialization
1% (1) CWE-522 Insufficiently Protected Credentials
1% (1) CWE-502 Deserialization of Untrusted Data
1% (1) CWE-494 Download of Code Without Integrity Check
1% (1) CWE-369 Divide By Zero
1% (1) CWE-362 Race Condition
1% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
1% (1) CWE-319 Cleartext Transmission of Sensitive Information
1% (1) CWE-310 Cryptographic Issues
1% (1) CWE-295 Certificate Issues
1% (1) CWE-287 Improper Authentication

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-15 Command Delimiters
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-61 Session Fixation
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-122 Exploitation of Authorization
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-232 Exploitation of Privilege/Trust
CAPEC-234 Hijacking a privileged process

Oval Markup Language : Definitions

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:436 MYSQLd Double-free Vulnerability
oval:org.mitre.oval:def:442 MYSQL Privilege Escalation Vulnerability via INFO OUTFILE Select
oval:org.mitre.oval:def:11557 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symli...
oval:org.mitre.oval:def:10559 The mysqld_multi script in MySQL allows local users to overwrite arbitrary fi...
oval:org.mitre.oval:def:10693 The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp metho...
oval:org.mitre.oval:def:10479 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:10180 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:9591 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names...
oval:org.mitre.oval:def:9504 mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the...
oval:org.mitre.oval:def:9915 MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via ...
oval:org.mitre.oval:def:9918 The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4....
oval:org.mitre.oval:def:11036 sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to...
oval:org.mitre.oval:def:10312 SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0...
oval:org.mitre.oval:def:9516 mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5....
oval:org.mitre.oval:def:9827 Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...
oval:org.mitre.oval:def:10468 MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:10729 MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca...
oval:org.mitre.oval:def:10105 MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routine...
oval:org.mitre.oval:def:10686 MySQL before 4.1.13 allows local users to cause a denial of service (persiste...
oval:org.mitre.oval:def:9530 MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data...
oval:org.mitre.oval:def:9930 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5...
oval:org.mitre.oval:def:9559 MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not re...
oval:org.mitre.oval:def:9166 The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5....
oval:org.mitre.oval:def:20366 DSA-1413-1 mysql - multiple
oval:org.mitre.oval:def:11390 The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB en...

SAINT Exploits

Description
MySQL FILE privilege elevation
MySQL yaSSL SSL Hello message buffer overflow

Open Source Vulnerability Database (OSVDB)

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78394 Oracle MySQL Server Unspecified Remote DoS (2012-0493)
78393 Oracle MySQL Server Unspecified Remote DoS (2012-0492)
78392 Oracle MySQL Server Unspecified Remote DoS (2012-0117)
78391 Oracle MySQL Server Unspecified Remote DoS (2012-0112)
78390 Oracle MySQL Server Unspecified Remote DoS (2012-0495)
78389 Oracle MySQL Server Unspecified Remote DoS (2012-0491)
78388 Oracle MySQL Server Unspecified Remote DoS (2012-0490)
78387 Oracle MySQL Server Unspecified Remote DoS (2012-0489)
78386 Oracle MySQL Server Unspecified Remote DoS (2012-0488)
78385 Oracle MySQL Server Unspecified Remote DoS (2012-0487)
78384 Oracle MySQL Server Unspecified Remote DoS (2012-0486)
78383 Oracle MySQL Server Unspecified Remote DoS (2012-0485)
78382 Oracle MySQL Server Unspecified Remote DoS (2012-0120)
78381 Oracle MySQL Server Unspecified Remote DoS (2012-0119)
78380 Oracle MySQL Server Unspecified Remote DoS (2012-0115)
78379 Oracle MySQL Server Unspecified Remote DoS (2012-0102)
78378 Oracle MySQL Server Unspecified Remote DoS (2012-0101)
78377 Oracle MySQL Server Unspecified Remote DoS (2012-0087)
78376 Oracle MySQL Server Unspecified Remote DoS (2011-2262)
78375 Oracle MySQL Server Unspecified Local DoS
78374 Oracle MySQL Server Unspecified Remote Issue (2012-0075)
78373 Oracle MySQL Server Unspecified Local Issue
78372 Oracle MySQL Server Unspecified Remote Information Disclosure
78371 Oracle MySQL Server Unspecified Remote Issue (2012-0496)
78370 Oracle MySQL Server Unspecified Remote Issue (2012-0118)

OpenVAS Exploits

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-12-26 Name : Fedora Update for mysql FEDORA-2012-19823
File : nvt/gb_fedora_2012_19823_mysql_fc16.nasl
2012-12-18 Name : Fedora Update for mysql FEDORA-2012-19833
File : nvt/gb_fedora_2012_19833_mysql_fc17.nasl
2012-12-13 Name : SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
File : nvt/gb_suse_2012_0860_1.nasl
2012-12-11 Name : Ubuntu Update for mysql-5.5 USN-1658-1
File : nvt/gb_ubuntu_USN_1658_1.nasl
2012-12-10 Name : CentOS Update for mysql CESA-2012:1551 centos6
File : nvt/gb_CESA-2012_1551_mysql_centos6.nasl
2012-12-10 Name : RedHat Update for mysql RHSA-2012:1551-01
File : nvt/gb_RHSA-2012_1551-01_mysql.nasl
2012-12-10 Name : Mandriva Update for mysql MDVSA-2012:178 (mysql)
File : nvt/gb_mandriva_MDVSA_2012_178.nasl
2012-12-07 Name : MySQL Authentication Error Message User Enumeration Vulnerability
File : nvt/gb_oracle_mysql_old_auth_user_enum_vuln.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-08-30 Name : Fedora Update for mysql FEDORA-2012-9308
File : nvt/gb_fedora_2012_9308_mysql_fc17.nasl
2012-08-10 Name : Debian Security Advisory DSA 2496-1 (mysql-5.1)
File : nvt/deb_2496_1.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0105 centos6
File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0127 centos5
File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0874 centos6
File : nvt/gb_CESA-2012_0874_mysql_centos6.nasl
2012-07-09 Name : RedHat Update for mysql RHSA-2012:0105-01
File : nvt/gb_RHSA-2012_0105-01_mysql.nasl
2012-06-28 Name : Fedora Update for mysql FEDORA-2012-9324
File : nvt/gb_fedora_2012_9324_mysql_fc16.nasl
2012-06-22 Name : RedHat Update for mysql RHSA-2012:0874-04
File : nvt/gb_RHSA-2012_0874-04_mysql.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2014-A-0106 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0053189
2014-A-0057 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0049591
2014-A-0011 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0043399
2013-A-0201 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0040782

Snort® IPS/IDS

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Date_Format denial of service attempt
RuleID : 8057 - Type : SERVER-MYSQL - Revision : 11
2020-01-14 MySQL/MariaDB Server geometry query envelope object integer overflow attempt
RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1
2020-01-07 yaSSL SSL Hello Message buffer overflow attempt
RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1
2014-01-10 create function buffer overflow attempt
RuleID : 4649 - Type : SERVER-MYSQL - Revision : 7
2017-11-30 MySQL/MariaDB Server geometry query integer overflow attempt
RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2
2017-08-23 Oracle MyPluggable Auth denial of service attempt
RuleID : 43671 - Type : SQL - Revision : 3
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40253 - Type : SERVER-MYSQL - Revision : 2
2014-01-10 client overflow attempt
RuleID : 3672 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 protocol 41 client overflow attempt
RuleID : 3671 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 secure client overflow attempt
RuleID : 3670 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 protocol 41 secure client overflow attempt
RuleID : 3669 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 client authentication bypass attempt
RuleID : 3668 - Type : SERVER-MYSQL - Revision : 13
2014-01-10 protocol 41 client authentication bypass attempt
RuleID : 3667 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 server greeting finished
RuleID : 3666 - Type : SERVER-MYSQL - Revision : 12
2014-01-10 server greeting
RuleID : 3665 - Type : SERVER-MYSQL - Revision : 11
2016-03-14 Hunter exploit kit landing page detected
RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 create function access attempt
RuleID : 3528 - Type : SERVER-MYSQL - Revision : 12
2015-03-31 MySQL/MariaDB Server geometry query object integer overflow attempt
RuleID : 33637 - Type : SERVER-MYSQL - Revision : 4
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3
2014-12-16 Oracle MySQL Server XPath memory Corruption attempt
RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2

Nessus® Vulnerability Scanner

This CPE Product has more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Fedora host is missing a security update.
File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-77e610115a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-83bbd0c22f.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b4820696e1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c82fc3e109.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f67fda3db6.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4ae94c8deb.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Debian host is missing a security update.
File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO