This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:oracle:mysql:4.0.0
Detail
VendorOracleFirst view 2002-10-11
ProductMysqlLast view2019-07-23
Version4.0.0TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:oracle:mysql

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
42019-07-23CVE-2019-2879NetworkLowRequires ...
6.82019-07-23CVE-2019-2834NetworkLowRequires ...
6.82019-07-23CVE-2019-2830NetworkLowRequires ...
42019-07-23CVE-2019-2826NetworkLowRequires ...
5.12019-07-23CVE-2019-2822NetworkHighNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
42019-07-23CVE-2019-2815NetworkLowRequires ...
3.52019-07-23CVE-2019-2814NetworkMediumRequires ...
42019-07-23CVE-2019-2812NetworkLowRequires ...
42019-07-23CVE-2019-2811NetworkLowRequires ...
42019-07-23CVE-2019-2810NetworkLowRequires ...
42019-07-23CVE-2019-2808NetworkLowRequires ...
42019-07-23CVE-2019-2803NetworkLowRequires ...
42019-07-23CVE-2019-2802NetworkLowRequires ...
42019-07-23CVE-2019-2801NetworkLowRequires ...
5.52019-07-23CVE-2019-2800NetworkLowRequires ...
42019-07-23CVE-2019-2798NetworkLowRequires ...
42019-07-23CVE-2019-2796NetworkLowRequires ...
42019-07-23CVE-2019-2795NetworkLowRequires ...
42019-07-23CVE-2019-2789NetworkLowRequires ...
42019-07-23CVE-2019-2785NetworkLowRequires ...
42019-07-23CVE-2019-2784NetworkLowRequires ...
42019-07-23CVE-2019-2780NetworkLowRequires ...
42019-07-23CVE-2019-2752NetworkLowRequires ...
42019-07-23CVE-2019-2747NetworkLowRequires ...

CWE : Common Weakness Enumeration

%idName
58% (30)CWE-284Access Control (Authorization) Issues
19% (10)CWE-20Improper Input Validation
3% (2)CWE-264Permissions, Privileges, and Access Controls
3% (2)CWE-200Information Exposure
1% (1)CWE-320Key Management Errors
Hide | Show 6 More...
%idName
1% (1)CWE-310Cryptographic Issues
1% (1)CWE-269Improper Privilege Management
1% (1)CWE-134Uncontrolled Format String
1% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
1% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
1% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-1Accessing Functionality Not Properly Constrained by ACLs
CAPEC-15Command Delimiters
CAPEC-17Accessing, Modifying or Executing Executable Files
CAPEC-60Reusing Session IDs (aka Session Replay)
CAPEC-61Session Fixation
Hide | Show 5 More...
idName
CAPEC-62Cross Site Request Forgery (aka Session Riding)
CAPEC-122Exploitation of Authorization
CAPEC-180Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-232Exploitation of Privilege/Trust
CAPEC-234Hijacking a privileged process

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:21317RHSA-2012:0105: mysql security update (Important)
oval:org.mitre.oval:def:23683ELSA-2012:0105: mysql security update (Important)
oval:org.mitre.oval:def:19679DSA-2780-1 mysql-5.1 - several
oval:org.mitre.oval:def:7905DSA-1877 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
oval:org.mitre.oval:def:12751DSA-1877-1 mysql-dfsg-5.0 -- denial of service/execution of arbitrary code
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:11857Multiple format string vulnerabilities in the dispatch_command function in li...
oval:org.mitre.oval:def:22888ELSA-2009:1289: mysql security and bug fix update (Moderate)
oval:org.mitre.oval:def:28888RHSA-2009:1289 -- mysql security and bug fix update (Moderate)
oval:org.mitre.oval:def:11557mysqlbug in MySQL allows local users to overwrite arbitrary files via a symli...
oval:org.mitre.oval:def:16267Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Se...
oval:org.mitre.oval:def:25101USN-2291-1 -- mysql-5.5 vulnerabilities
oval:org.mitre.oval:def:26099DSA-2985-1 -- mysql-5.5 - security update
oval:org.mitre.oval:def:20971RHSA-2013:0772: mysql security update (Important)
oval:org.mitre.oval:def:18467DSA-2667-1 mysql-5.5 - several
oval:org.mitre.oval:def:18379USN-1807-2 -- mysql-5.5 vulnerabilities
oval:org.mitre.oval:def:17129USN-1807-1 -- MySQL vulnerabilities
oval:org.mitre.oval:def:20470RHSA-2013:0121: mysql security and bug fix update (Low)
oval:org.mitre.oval:def:23174ELSA-2013:0121: mysql security and bug fix update (Low)
oval:org.mitre.oval:def:26702DEPRECATED: ELSA-2013-0121 -- mysql security and bug fix update (low)
oval:org.mitre.oval:def:9591MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names...
oval:org.mitre.oval:def:11036sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to...
oval:org.mitre.oval:def:16451Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: My...
oval:org.mitre.oval:def:10468MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:16835Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: St...
oval:org.mitre.oval:def:17266Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Se...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
60356MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
59616MySQL Hashed Password Weakness
55734MySQL sql_parse.cc dispatch_command() Function Format String DoS
28012MySQL Case Sensitivity Unauthorized Database Creation
27703MySQL MERGE Table Privilege Persistence
Hide | Show 20 More...
idDescription
25228MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
25226MySQL Malformed Login Packet Remote Memory Disclosure
23526MySQL Query NULL Charcter Logging Bypass
18897MySQL on Windows UDF Create Function Traversal Privilege Escalation
18896MySQL User-Defined Function init_syms() Function Overflow
16689MySQL mysql_install_db Symlink Arbitrary File Overwrite
14678MySQL CREATE FUNCTION Arbitrary libc Code Execution
14677MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
14676MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
13013MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
10985MySQL MATCH..AGAINST Query DoS
10959MySQL GRANT ALL ON Privilege Escalation
10660MySQL ALTER TABLE/RENAME Forces Old Permission Checks
10659MySQL ALTER MERGE Tables to Change the UNION DoS
10658MySQL mysql_real_connect() Function Remote Overflow
9908MySQL my.ini Initialization File datadir Parameter Overflow
8889MySQL COM_TABLE_DUMP Package Negative Integer DoS
8888MySQL COM_CHANGE_USER Command Long Repsonse Overflow
8887MySQL COM_CHANGE_USER Command One Character Password Brute Force
8886MySQL libmysqlclient Library read_one_row Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-18Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-11-26Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl
2012-11-26Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-26Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl
Hide | Show 20 More...
idDescription
2012-11-26Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl
2012-11-15Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-15Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-06Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-08-10Name : Debian Security Advisory DSA 2496-1 (mysql-5.1)
File : nvt/deb_2496_1.nasl
2012-03-16Name : Ubuntu Update for mysql-5.1 USN-1397-1
File : nvt/gb_ubuntu_USN_1397_1.nasl
2012-02-12Name : Gentoo Security Advisory GLSA 201201-02 (MySQL)
File : nvt/glsa_201201_02.nasl
2011-08-09Name : CentOS Update for mysql CESA-2009:1289 centos5 i386
File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl
2010-05-12Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl
2010-02-19Name : CentOS Update for mysql CESA-2010:0110 centos4 i386
File : nvt/gb_CESA-2010_0110_mysql_centos4_i386.nasl
2010-02-19Name : RedHat Update for mysql RHSA-2010:0110-01
File : nvt/gb_RHSA-2010_0110-01_mysql.nasl
2010-02-15Name : Ubuntu Update for MySQL vulnerabilities USN-897-1
File : nvt/gb_ubuntu_USN_897_1.nasl
2009-12-14Name : Fedora Core 10 FEDORA-2009-12180 (mysql)
File : nvt/fcore_2009_12180.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:326 (mysql)
File : nvt/mdksa_2009_326.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13Name : SLES10: Security update for MySQL
File : nvt/sles10_mysql.nasl
2009-10-11Name : SLES11: Security update for MySQL
File : nvt/sles11_libmysqlclient1.nasl
2009-10-10Name : SLES9: Security update for MySQL
File : nvt/sles9p5020865.nasl
2009-10-10Name : SLES9: Security update for mysql
File : nvt/sles9p5014017.nasl
2009-10-10Name : SLES9: Security update for MySQL
File : nvt/sles9p5021168.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0155Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity : Category I - VMSKEY : V0061083
2014-A-0106Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity : Category I - VMSKEY : V0053189
2014-A-0057Multiple Vulnerabilities in Oracle MySQL Products
Severity : Category I - VMSKEY : V0049591
2014-A-0011Multiple Vulnerabilities in Oracle MySQL Products
Severity : Category I - VMSKEY : V0043399
2013-A-0201Multiple Vulnerabilities in Oracle MySQL Products
Severity : Category I - VMSKEY : V0040782

Snort® IPS/IDS

DateDescription
2014-01-10create function buffer overflow attempt
RuleID : 4649 - Type : SERVER-MYSQL - Revision : 7
2016-03-14Hunter exploit kit landing page detected
RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10create function access attempt
RuleID : 3528 - Type : SERVER-MYSQL - Revision : 12
2015-01-06Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3
2015-01-06Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3
Hide | Show 12 More...
DateDescription
2015-01-06Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3
2015-01-06Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3
2015-01-06Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3
2014-12-16Oracle MySQL Server XPath memory Corruption attempt
RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2
2014-01-10Microsoft MSN Messenger png overflow
RuleID : 3130-community - Type : PUA-OTHER - Revision : 8
2014-01-10Microsoft MSN Messenger png overflow
RuleID : 3130 - Type : PUA-OTHER - Revision : 8
2014-01-10create function mysql.func arbitrary library injection attempt
RuleID : 17412 - Type : SERVER-MYSQL - Revision : 9
2014-01-10mysql_log COM_DROP_DB format string vulnerability exploit attempt
RuleID : 16708 - Type : SERVER-MYSQL - Revision : 8
2014-01-10mysql_log COM_CREATE_DB format string vulnerability exploit attempt
RuleID : 16707 - Type : SERVER-MYSQL - Revision : 8
2014-01-10login handshake information disclosure attempt
RuleID : 16020 - Type : SERVER-MYSQL - Revision : 13
2014-01-10create function libc arbitrary code execution attempt
RuleID : 15952 - Type : SERVER-MYSQL - Revision : 6
2014-01-10MySQL COM_TABLE_DUMP Function Stack Overflow attempt
RuleID : 11619 - Type : SERVER-MYSQL - Revision : 7

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-18Name : The remote Fedora host is missing a security update.
File : fedora_2019-a8ffcff7ee.nasl - Type : ACT_GATHER_INFO
2019-01-17Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_8_0_14.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-f67fda3db6.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-c82fc3e109.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-77e610115a.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-28Name : Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File : nodejs_2018_nov.nasl - Type : ACT_GATHER_INFO
2018-12-10Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type : ACT_GATHER_INFO
2018-12-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4348.nasl - Type : ACT_GATHER_INFO
2018-11-23Name : The remote Debian host is missing a security update.
File : debian_DLA-1586.nasl - Type : ACT_GATHER_INFO
2018-11-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4341.nasl - Type : ACT_GATHER_INFO
2018-11-06Name : The remote Debian host is missing a security update.
File : debian_DLA-1566.nasl - Type : ACT_GATHER_INFO
2018-10-30Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_238ae7dedba211e8b713b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-10-26Name : The remote EulerOS Virtualization host is missing multiple security updates.
File : EulerOS_SA-2018-1337.nasl - Type : ACT_GATHER_INFO
2018-10-26Name : The remote EulerOS Virtualization host is missing multiple security updates.
File : EulerOS_SA-2018-1346.nasl - Type : ACT_GATHER_INFO
2018-10-22Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_ec5072b0d43a11e8a6d2b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2018-10-19Name : The remote database server is affected by multiple vulnerabilities.
File : mysql_8_0_13.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1302.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1303.nasl - Type : ACT_GATHER_INFO
2018-09-19Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1078.nasl - Type : ACT_GATHER_INFO
2018-09-12Name : The remote Fedora host is missing a security update.
File : fedora_2018-3a3c660bfa.nasl - Type : ACT_GATHER_INFO
2018-09-04Name : The remote Debian host is missing a security update.
File : debian_DLA-1488.nasl - Type : ACT_GATHER_INFO
2018-09-04Name : The remote Fedora host is missing a security update.
File : fedora_2018-d1c4a4ca50.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1068.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1069.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1070.nasl - Type : ACT_GATHER_INFO