Summary
| Detail | |||
|---|---|---|---|
| Vendor | Oracle | First view | 2006-07-10 |
| Product | Mysql | Last view | 2022-04-19 |
| Version | 5.1.7 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:oracle:mysql | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.3 | 2022-04-19 | CVE-2022-21489 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). |
| 2.9 | 2022-04-19 | CVE-2022-21486 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). |
| 2.9 | 2022-04-19 | CVE-2022-21485 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). |
| 2.9 | 2022-04-19 | CVE-2022-21484 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). |
| 6.3 | 2022-04-19 | CVE-2022-21483 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). |
| 6.3 | 2022-04-19 | CVE-2022-21482 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H). |
| 5.5 | 2022-04-19 | CVE-2022-21479 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H). |
| 5.5 | 2022-04-19 | CVE-2022-21478 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
| 4.4 | 2022-04-19 | CVE-2022-21460 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N). |
| 6.5 | 2022-04-19 | CVE-2022-21454 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
| 4.4 | 2022-04-19 | CVE-2022-21451 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.4 | 2022-04-19 | CVE-2022-21444 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2022-04-19 | CVE-2022-21427 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 5.5 | 2022-04-19 | CVE-2022-21425 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
| 4.9 | 2022-04-19 | CVE-2022-21417 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.9 | 2022-04-19 | CVE-2022-21412 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 5.5 | 2022-01-19 | CVE-2022-21378 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
| 4.9 | 2022-01-19 | CVE-2022-21374 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 2.7 | 2022-01-19 | CVE-2022-21372 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L). |
| 4.9 | 2022-01-19 | CVE-2022-21370 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 4.7 | 2022-01-19 | CVE-2022-21368 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L). |
| 5.5 | 2022-01-19 | CVE-2022-21367 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
| 4.9 | 2022-01-19 | CVE-2022-21362 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
| 6.5 | 2022-01-19 | CVE-2022-21358 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
| 2.9 | 2022-01-19 | CVE-2022-21357 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L). |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 11% (7) | CWE-399 | Resource Management Errors |
| 9% (6) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 8% (5) | CWE-264 | Permissions, Privileges, and Access Controls |
| 8% (5) | CWE-20 | Improper Input Validation |
| 6% (4) | CWE-200 | Information Exposure |
| 6% (4) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 4% (3) | CWE-416 | Use After Free |
| 4% (3) | CWE-284 | Access Control (Authorization) Issues |
| 4% (3) | CWE-189 | Numeric Errors |
| 3% (2) | CWE-787 | Out-of-bounds Write |
| 3% (2) | CWE-476 | NULL Pointer Dereference |
| 3% (2) | CWE-269 | Improper Privilege Management |
| 3% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
| 1% (1) | CWE-707 | Improper Enforcement of Message or Data Structure |
| 1% (1) | CWE-665 | Improper Initialization |
| 1% (1) | CWE-502 | Deserialization of Untrusted Data |
| 1% (1) | CWE-494 | Download of Code Without Integrity Check |
| 1% (1) | CWE-369 | Divide By Zero |
| 1% (1) | CWE-362 | Race Condition |
| 1% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 1% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 1% (1) | CWE-254 | Security Features |
| 1% (1) | CWE-203 | Information Exposure Through Discrepancy |
| 1% (1) | CWE-190 | Integer Overflow or Wraparound |
| 1% (1) | CWE-134 | Uncontrolled Format String |
SAINT Exploits
| Description | Link |
|---|---|
| MySQL yaSSL SSL Hello message buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 78393 | Oracle MySQL Server Unspecified Remote DoS (2012-0492) |
| 78391 | Oracle MySQL Server Unspecified Remote DoS (2012-0112) |
| 78388 | Oracle MySQL Server Unspecified Remote DoS (2012-0490) |
| 78383 | Oracle MySQL Server Unspecified Remote DoS (2012-0485) |
| 78382 | Oracle MySQL Server Unspecified Remote DoS (2012-0120) |
| 78381 | Oracle MySQL Server Unspecified Remote DoS (2012-0119) |
| 78380 | Oracle MySQL Server Unspecified Remote DoS (2012-0115) |
| 78379 | Oracle MySQL Server Unspecified Remote DoS (2012-0102) |
| 78378 | Oracle MySQL Server Unspecified Remote DoS (2012-0101) |
| 78377 | Oracle MySQL Server Unspecified Remote DoS (2012-0087) |
| 78376 | Oracle MySQL Server Unspecified Remote DoS (2011-2262) |
| 78374 | Oracle MySQL Server Unspecified Remote Issue (2012-0075) |
| 78373 | Oracle MySQL Server Unspecified Local Issue |
| 78372 | Oracle MySQL Server Unspecified Remote Information Disclosure |
| 78370 | Oracle MySQL Server Unspecified Remote Issue (2012-0118) |
| 78369 | Oracle MySQL Server Unspecified Remote Issue (2012-0116) |
| 78368 | Oracle MySQL Server Unspecified Remote Issue (2012-0113) |
| 69395 | MySQL Derived Table Grouping DoS |
| 69394 | MySQL Temporary Table Expression Re-Evaluation DoS |
| 69393 | MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS |
| 69392 | MySQL Extreme-Value Functions Mixed Arguments DoS |
| 69391 | MySQL Stored Procedures / Prepared Statements Nested Joins DoS |
| 69390 | MySQL Extreme-Value Functions Argument Parsing Type Error DoS |
| 69387 | MySQL LIKE Predicates Pre-Evaluation DoS |
| 69001 | MySQL PolyFromWKB() Function WKB Data Remote DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl |
| 2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl |
| 2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
| 2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
| 2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
| 2012-08-10 | Name : Debian Security Advisory DSA 2496-1 (mysql-5.1) File : nvt/deb_2496_1.nasl |
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0105 centos6 File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl |
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0127 centos5 File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl |
| 2012-07-30 | Name : CentOS Update for mysql CESA-2012:0874 centos6 File : nvt/gb_CESA-2012_0874_mysql_centos6.nasl |
| 2012-07-09 | Name : RedHat Update for mysql RHSA-2012:0105-01 File : nvt/gb_RHSA-2012_0105-01_mysql.nasl |
| 2012-06-22 | Name : RedHat Update for mysql RHSA-2012:0874-04 File : nvt/gb_RHSA-2012_0874-04_mysql.nasl |
| 2012-06-05 | Name : RedHat Update for mysql RHSA-2011:0164-01 File : nvt/gb_RHSA-2011_0164-01_mysql.nasl |
| 2012-04-30 | Name : Debian Security Advisory DSA 2429-1 (mysql-5.1) File : nvt/deb_2429_1.nasl |
| 2012-04-02 | Name : Fedora Update for mysql FEDORA-2012-0972 File : nvt/gb_fedora_2012_0972_mysql_fc16.nasl |
| 2012-03-16 | Name : Ubuntu Update for mysql-5.1 USN-1397-1 File : nvt/gb_ubuntu_USN_1397_1.nasl |
| 2012-02-21 | Name : RedHat Update for mysql RHSA-2012:0127-01 File : nvt/gb_RHSA-2012_0127-01_mysql.nasl |
| 2012-02-13 | Name : Fedora Update for mysql FEDORA-2012-0987 File : nvt/gb_fedora_2012_0987_mysql_fc15.nasl |
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-02 (MySQL) File : nvt/glsa_201201_02.nasl |
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-08-19 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004) File : nvt/secpod_macosx_su11-004.nasl |
| 2011-08-09 | Name : CentOS Update for mysql CESA-2009:1289 centos5 i386 File : nvt/gb_CESA-2009_1289_mysql_centos5_i386.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
| 2014-A-0106 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0053189 |
| 2014-A-0057 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0049591 |
| 2014-A-0011 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0043399 |
| 2013-A-0201 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0040782 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-01-07 | yaSSL SSL Hello Message buffer overflow attempt RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1 |
| 2017-08-23 | Oracle MyPluggable Auth denial of service attempt RuleID : 43671 - Type : SQL - Revision : 3 |
| 2016-10-25 | Multiple SQL products privilege escalation attempt RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2 |
| 2016-10-25 | Multiple SQL products privilege escalation attempt RuleID : 40253 - Type : SERVER-MYSQL - Revision : 2 |
| 2016-03-14 | Hunter exploit kit landing page detected RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3 |
| 2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3 |
| 2014-12-16 | Oracle MySQL Server XPath memory Corruption attempt RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2 |
| 2014-01-10 | Database SELECT subquery denial of service attempt RuleID : 20053 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | Database unique set column denial of service attempt RuleID : 19094 - Type : SERVER-MYSQL - Revision : 12 |
| 2014-01-10 | Database unique set column denial of service attempt RuleID : 19093 - Type : SERVER-MYSQL - Revision : 12 |
| 2014-01-10 | IN NULL argument denial of service attempt RuleID : 19001 - Type : SERVER-MYSQL - Revision : 8 |
| 2014-01-10 | Database CASE NULL argument denial of service attempt RuleID : 19000 - Type : SERVER-MYSQL - Revision : 9 |
| 2014-01-10 | yaSSL SSL Hello Message Buffer Overflow attempt RuleID : 18513 - Type : SERVER-MYSQL - Revision : 13 |
| 2014-01-10 | Database COM_FIELD_LIST Buffer Overflow attempt RuleID : 16703 - Type : SERVER-MYSQL - Revision : 10 |
| 2014-01-10 | yaSSL library cert parsing stack overflow attempt RuleID : 16385 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | database Procedure Analyse denial of service attempt - 2 RuleID : 16349 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | database PROCEDURE ANALYSE denial of service attempt - 1 RuleID : 16348 - Type : SERVER-MYSQL - Revision : 7 |
| 2014-01-10 | yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt RuleID : 13714 - Type : SERVER-MYSQL - Revision : 16 |
| 2014-01-10 | yaSSL SSLv2 Client Hello Message Challenge Buffer Overflow attempt RuleID : 13713 - Type : MYSQL - Revision : 9 |
| 2014-01-10 | yaSSL SSLv2 Client Hello Message Session ID Buffer Overflow attempt RuleID : 13712 - Type : MYSQL - Revision : 9 |
| 2014-01-10 | yaSSL SSLv2 Client Hello Message Cipher Length Buffer Overflow attempt RuleID : 13711 - Type : MYSQL - Revision : 9 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-18 | Name: The remote Fedora host is missing a security update. File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
| 2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO |
| 2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO |
| 2019-01-07 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-77e610115a.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-83bbd0c22f.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-b4820696e1.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-c82fc3e109.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-f67fda3db6.nasl - Type: ACT_GATHER_INFO |
| 2018-12-28 | Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili... File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO |
| 2018-12-10 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO |
| 2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO |
| 2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO |
| 2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO |
| 2018-12-01 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO |
| 2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO |
| 2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4ae94c8deb.nasl - Type: ACT_GATHER_INFO |
| 2018-11-23 | Name: The remote Debian host is missing a security update. File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO |
