Summary
| Detail | |||
|---|---|---|---|
| Vendor | Oracle | First view | 2004-11-03 |
| Product | Mysql | Last view | 2020-10-21 |
| Version | 5.0.12 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:oracle:mysql | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 4.9 | 2020-10-21 | CVE-2020-14893 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14891 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14888 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 8 | 2020-10-21 | CVE-2020-14878 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 8.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). |
| 4.4 | 2020-10-21 | CVE-2020-14873 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14870 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14869 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14868 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.4 | 2020-10-21 | CVE-2020-14867 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14866 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14861 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 2.7 | 2020-10-21 | CVE-2020-14860 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). |
| 4.9 | 2020-10-21 | CVE-2020-14852 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14848 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 6.5 | 2020-10-21 | CVE-2020-14846 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14845 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14844 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14839 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.3 | 2020-10-21 | CVE-2020-14838 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). |
| 4.9 | 2020-10-21 | CVE-2020-14837 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 6.5 | 2020-10-21 | CVE-2020-14836 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
| 6.5 | 2020-10-21 | CVE-2020-14830 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2020-10-21 | CVE-2020-14829 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 7.2 | 2020-10-21 | CVE-2020-14828 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). |
| 6.5 | 2020-10-21 | CVE-2020-14827 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 14% (7) | CWE-200 | Information Exposure |
| 12% (6) | CWE-264 | Permissions, Privileges, and Access Controls |
| 10% (5) | CWE-20 | Improper Input Validation |
| 8% (4) | CWE-399 | Resource Management Errors |
| 6% (3) | CWE-284 | Access Control (Authorization) Issues |
| 6% (3) | CWE-189 | Numeric Errors |
| 6% (3) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 4% (2) | CWE-134 | Uncontrolled Format String |
| 4% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
| 2% (1) | CWE-787 | Out-of-bounds Write |
| 2% (1) | CWE-476 | NULL Pointer Dereference |
| 2% (1) | CWE-416 | Use After Free |
| 2% (1) | CWE-362 | Race Condition |
| 2% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 2% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 2% (1) | CWE-269 | Improper Privilege Management |
| 2% (1) | CWE-254 | Security Features |
| 2% (1) | CWE-190 | Integer Overflow or Wraparound |
| 2% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 2% (1) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
| 2% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 69395 | MySQL Derived Table Grouping DoS |
| 69393 | MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS |
| 69392 | MySQL Extreme-Value Functions Mixed Arguments DoS |
| 69390 | MySQL Extreme-Value Functions Argument Parsing Type Error DoS |
| 69387 | MySQL LIKE Predicates Pre-Evaluation DoS |
| 67383 | MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Derefer... |
| 67378 | MySQL Unique SET Column Join DoS |
| 65851 | MySQL ALTER DATABASE #mysql50# Prefix Handling DoS |
| 64843 | MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion |
| 64588 | MySQL Large Packet Infinite Read DoS |
| 64587 | MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow |
| 64586 | MySQL COM_FIELD_LIST Command Packet Authentication Bypass |
| 63903 | MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Comm... |
| 61956 | yaSSL Certificate Name Handling Overflow |
| 60664 | MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restri... |
| 60489 | MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS |
| 60488 | MySQL SELECT Statement WHERE Clause Sub-query DoS |
| 60487 | MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness |
| 55734 | MySQL sql_parse.cc dispatch_command() Function Format String DoS |
| 52453 | MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath... |
| 51171 | MySQL InnoDB convert_search_mode_to_innobase Function DoS |
| 44937 | MySQL MyISAM Table CREATE TABLE Privilege Check Bypass |
| 42609 | MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS |
| 34765 | MySQL mysql_change_db Function THD::db_access Privilege Escalation |
| 34734 | MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl |
| 2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
| 2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
| 2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2496-1 (mysql-5.1) File : nvt/deb_2496_1.nasl |
| 2012-06-05 | Name : RedHat Update for mysql RHSA-2011:0164-01 File : nvt/gb_RHSA-2011_0164-01_mysql.nasl |
| 2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 File : nvt/gb_ubuntu_USN_1397_1.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-02 (MySQL) File : nvt/glsa_201201_02.nasl |
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-08-19 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) File : nvt/secpod_macosx_su11-004.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2009:1289 centos5 i386 File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2010:0109 centos5 i386 File : nvt/gb_CESA-2010_0109_mysql_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2010:0442 centos5 i386 File : nvt/gb_CESA-2010_0442_mysql_centos5_i386.nasl |
| 2011-01-21 | Name : Mandriva Update for mysql MDVSA-2011:012 (mysql) File : nvt/gb_mandriva_MDVSA_2011_012.nasl |
| 2011-01-21 | Name : MySQL Multiple Denial of Service Vulnerabilities File : nvt/gb_mysql_mult_dos_vuln_jan11.nasl |
| 2011-01-18 | Name : MySQL Mysqld Multiple Denial Of Service Vulnerabilities File : nvt/gb_mysql_mysqld_mult_dos_vuln.nasl |
| 2010-12-02 | Name : Fedora Update for mysql FEDORA-2010-15147 File : nvt/gb_fedora_2010_15147_mysql_fc14.nasl |
| 2010-11-16 | Name : CentOS Update for mysql CESA-2010:0824 centos4 i386 File : nvt/gb_CESA-2010_0824_mysql_centos4_i386.nasl |
| 2010-11-16 | Name : RedHat Update for mysql RHSA-2010:0824-01 File : nvt/gb_RHSA-2010_0824-01_mysql.nasl |
| 2010-11-16 | Name : RedHat Update for mysql RHSA-2010:0825-01 File : nvt/gb_RHSA-2010_0825-01_mysql.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
| 2014-A-0106 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0053189 |
| 2014-A-0057 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0049591 |
| 2014-A-0011 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0043399 |
| 2013-A-0201 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0040782 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Date_Format denial of service attempt RuleID : 8057 - Type : SERVER-MYSQL - Revision : 11 |
| 2017-08-23 | Oracle MyPluggable Auth denial of service attempt RuleID : 43671 - Type : SQL - Revision : 3 |
| 2016-10-25 | Multiple SQL products privilege escalation attempt RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2 |
| 2016-10-25 | Multiple SQL products privilege escalation attempt RuleID : 40253 - Type : SERVER-MYSQL - Revision : 2 |
| 2016-03-14 | Hunter exploit kit landing page detected RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3 |
| 2014-12-16 | Oracle MySQL Server XPath memory Corruption attempt RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2 |
| 2014-01-10 | Database SELECT subquery denial of service attempt RuleID : 20053 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | Database unique set column denial of service attempt RuleID : 19094 - Type : SERVER-MYSQL - Revision : 12 |
| 2014-01-10 | Database unique set column denial of service attempt RuleID : 19093 - Type : SERVER-MYSQL - Revision : 12 |
| 2014-01-10 | mysql_log COM_DROP_DB format string vulnerability exploit attempt RuleID : 16708 - Type : SERVER-MYSQL - Revision : 8 |
| 2014-01-10 | mysql_log COM_CREATE_DB format string vulnerability exploit attempt RuleID : 16707 - Type : SERVER-MYSQL - Revision : 8 |
| 2014-01-10 | Database COM_FIELD_LIST Buffer Overflow attempt RuleID : 16703 - Type : SERVER-MYSQL - Revision : 10 |
| 2014-01-10 | yaSSL library cert parsing stack overflow attempt RuleID : 16385 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | database Procedure Analyse denial of service attempt - 2 RuleID : 16349 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | database PROCEDURE ANALYSE denial of service attempt - 1 RuleID : 16348 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | login handshake information disclosure attempt RuleID : 16020 - Type : SERVER-MYSQL - Revision : 13 |
| 2014-01-10 | XML Functions UpdateXML Scalar XPath denial of service attempt RuleID : 15443 - Type : SERVER-MYSQL - Revision : 10 |
| 2014-01-10 | XML Functions ExtractValue Scalar XPath denial of service attempt RuleID : 15442 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | MySQL COM_TABLE_DUMP Function Stack Overflow attempt RuleID : 11619 - Type : SERVER-MYSQL - Revision : 7 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-18 | Name: The remote Fedora host is missing a security update. File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO |
| 2019-01-07 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-77e610115a.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-83bbd0c22f.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-b4820696e1.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-c82fc3e109.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-f67fda3db6.nasl - Type: ACT_GATHER_INFO |
| 2018-12-28 | Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili... File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO |
| 2018-12-10 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO |
| 2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO |
| 2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO |
| 2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO |
| 2018-12-01 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO |
| 2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO |
| 2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4ae94c8deb.nasl - Type: ACT_GATHER_INFO |
| 2018-11-23 | Name: The remote Debian host is missing a security update. File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO |
