This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 1998-12-27
Product Mysql Last view 2020-07-24
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:* 787
cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:* 786
cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:* 785
cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:* 785
cpe:2.3:a:oracle:mysql:5.1.5:-:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:* 784
cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:* 783
cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:* 783
cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:* 782
cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:* 782
cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:* 781
cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:* 781
cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:* 780
cpe:2.3:a:oracle:mysql:5.1.23:-:*:*:*:*:*:* 778
cpe:2.3:a:oracle:mysql:5.0.4:-:*:*:*:*:*:* 777
cpe:2.3:a:oracle:mysql:5.1.32:-:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.0.2:-:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.0.1:-:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:* 776
cpe:2.3:a:oracle:mysql:5.0.3:-:*:*:*:*:*:* 775
cpe:2.3:a:oracle:mysql:5.1.31:-:*:*:*:*:*:* 773
cpe:2.3:a:oracle:mysql:5.1.34:-:*:*:*:*:*:* 772
cpe:2.3:a:oracle:mysql:5.0.15:-:*:*:*:*:*:* 772
cpe:2.3:a:oracle:mysql:5.0.16:-:*:*:*:*:*:* 772
cpe:2.3:a:oracle:mysql:5.0.17:-:*:*:*:*:*:* 772
cpe:2.3:a:oracle:mysql:5.0.10:-:*:*:*:*:*:* 772
cpe:2.3:a:oracle:mysql:5.1.33:*:*:*:*:*:*:* 772
cpe:2.3:a:oracle:mysql:5.1.37:-:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.23:a:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.0.5:-:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.35:*:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.36:*:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.38:*:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.39:*:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.40:*:*:*:*:*:*:* 771
cpe:2.3:a:oracle:mysql:5.1.27:*:*:*:*:*:*:* 770
cpe:2.3:a:oracle:mysql:5.1.31:sp1:*:*:*:*:*:* 770
cpe:2.3:a:oracle:mysql:5.1.24:*:*:*:*:*:*:* 770
cpe:2.3:a:oracle:mysql:5.1.25:*:*:*:*:*:*:* 770
cpe:2.3:a:oracle:mysql:5.1.26:*:*:*:*:*:*:* 770

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.9 2020-07-24 CVE-2020-14725

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14702

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

7.2 2020-07-15 CVE-2020-14697

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

6.5 2020-07-15 CVE-2020-14680

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

7.2 2020-07-15 CVE-2020-14678

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

7.2 2020-07-15 CVE-2020-14663

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

4.9 2020-07-15 CVE-2020-14656

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14654

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

5.5 2020-07-15 CVE-2020-14651

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

5.5 2020-07-15 CVE-2020-14643

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

4.9 2020-07-15 CVE-2020-14641

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

2.7 2020-07-15 CVE-2020-14634

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

2.7 2020-07-15 CVE-2020-14633

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).

4.9 2020-07-15 CVE-2020-14632

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14631

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14624

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14623

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14620

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2020-07-15 CVE-2020-14619

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14614

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14597

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2020-07-15 CVE-2020-14591

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14586

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2020-07-15 CVE-2020-14576

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2020-07-15 CVE-2020-14575

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CWE : Common Weakness Enumeration

%idName
14% (11) CWE-200 Information Exposure
13% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10% (8) CWE-20 Improper Input Validation
9% (7) CWE-399 Resource Management Errors
9% (7) CWE-264 Permissions, Privileges, and Access Controls
6% (5) CWE-59 Improper Link Resolution Before File Access ('Link Following')
5% (4) CWE-189 Numeric Errors
4% (3) CWE-284 Access Control (Authorization) Issues
4% (3) CWE-134 Uncontrolled Format String
4% (3) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
2% (2) CWE-310 Cryptographic Issues
1% (1) CWE-416 Use After Free
1% (1) CWE-362 Race Condition
1% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
1% (1) CWE-319 Cleartext Transmission of Sensitive Information
1% (1) CWE-287 Improper Authentication
1% (1) CWE-269 Improper Privilege Management
1% (1) CWE-254 Security Features
1% (1) CWE-190 Integer Overflow or Wraparound
1% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
1% (1) CWE-16 Configuration

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-15 Command Delimiters
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-61 Session Fixation
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-122 Exploitation of Authorization
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-232 Exploitation of Privilege/Trust
CAPEC-234 Hijacking a privileged process

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:436 MYSQLd Double-free Vulnerability
oval:org.mitre.oval:def:442 MYSQL Privilege Escalation Vulnerability via INFO OUTFILE Select
oval:org.mitre.oval:def:11557 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symli...
oval:org.mitre.oval:def:10559 The mysqld_multi script in MySQL allows local users to overwrite arbitrary fi...
oval:org.mitre.oval:def:10693 The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp metho...
oval:org.mitre.oval:def:10479 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:10180 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:9591 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names...
oval:org.mitre.oval:def:9504 mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the...
oval:org.mitre.oval:def:9915 MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via ...
oval:org.mitre.oval:def:9918 The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4....
oval:org.mitre.oval:def:11036 sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to...
oval:org.mitre.oval:def:10312 SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0...
oval:org.mitre.oval:def:9516 mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5....
oval:org.mitre.oval:def:9827 Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...
oval:org.mitre.oval:def:10468 MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:10729 MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca...
oval:org.mitre.oval:def:10105 MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routine...
oval:org.mitre.oval:def:10686 MySQL before 4.1.13 allows local users to cause a denial of service (persiste...
oval:org.mitre.oval:def:9530 MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data...
oval:org.mitre.oval:def:9930 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5...
oval:org.mitre.oval:def:9559 MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not re...
oval:org.mitre.oval:def:9166 The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5....
oval:org.mitre.oval:def:20366 DSA-1413-1 mysql - multiple
oval:org.mitre.oval:def:11390 The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB en...

SAINT Exploits

Description Link
MySQL FILE privilege elevation More info here
MySQL yaSSL SSL Hello message buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78394 Oracle MySQL Server Unspecified Remote DoS (2012-0493)
78393 Oracle MySQL Server Unspecified Remote DoS (2012-0492)
78392 Oracle MySQL Server Unspecified Remote DoS (2012-0117)
78391 Oracle MySQL Server Unspecified Remote DoS (2012-0112)
78390 Oracle MySQL Server Unspecified Remote DoS (2012-0495)
78389 Oracle MySQL Server Unspecified Remote DoS (2012-0491)
78388 Oracle MySQL Server Unspecified Remote DoS (2012-0490)
78387 Oracle MySQL Server Unspecified Remote DoS (2012-0489)
78386 Oracle MySQL Server Unspecified Remote DoS (2012-0488)
78385 Oracle MySQL Server Unspecified Remote DoS (2012-0487)
78384 Oracle MySQL Server Unspecified Remote DoS (2012-0486)
78383 Oracle MySQL Server Unspecified Remote DoS (2012-0485)
78382 Oracle MySQL Server Unspecified Remote DoS (2012-0120)
78381 Oracle MySQL Server Unspecified Remote DoS (2012-0119)
78380 Oracle MySQL Server Unspecified Remote DoS (2012-0115)
78379 Oracle MySQL Server Unspecified Remote DoS (2012-0102)
78378 Oracle MySQL Server Unspecified Remote DoS (2012-0101)
78377 Oracle MySQL Server Unspecified Remote DoS (2012-0087)
78376 Oracle MySQL Server Unspecified Remote DoS (2011-2262)
78375 Oracle MySQL Server Unspecified Local DoS
78374 Oracle MySQL Server Unspecified Remote Issue (2012-0075)
78373 Oracle MySQL Server Unspecified Local Issue
78372 Oracle MySQL Server Unspecified Remote Information Disclosure
78371 Oracle MySQL Server Unspecified Remote Issue (2012-0496)
78370 Oracle MySQL Server Unspecified Remote Issue (2012-0118)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-12-26 Name : Fedora Update for mysql FEDORA-2012-19823
File : nvt/gb_fedora_2012_19823_mysql_fc16.nasl
2012-12-18 Name : Fedora Update for mysql FEDORA-2012-19833
File : nvt/gb_fedora_2012_19833_mysql_fc17.nasl
2012-12-13 Name : SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
File : nvt/gb_suse_2012_0860_1.nasl
2012-12-11 Name : Ubuntu Update for mysql-5.5 USN-1658-1
File : nvt/gb_ubuntu_USN_1658_1.nasl
2012-12-10 Name : CentOS Update for mysql CESA-2012:1551 centos6
File : nvt/gb_CESA-2012_1551_mysql_centos6.nasl
2012-12-10 Name : RedHat Update for mysql RHSA-2012:1551-01
File : nvt/gb_RHSA-2012_1551-01_mysql.nasl
2012-12-10 Name : Mandriva Update for mysql MDVSA-2012:178 (mysql)
File : nvt/gb_mandriva_MDVSA_2012_178.nasl
2012-12-07 Name : MySQL Authentication Error Message User Enumeration Vulnerability
File : nvt/gb_oracle_mysql_old_auth_user_enum_vuln.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-08-30 Name : Fedora Update for mysql FEDORA-2012-9308
File : nvt/gb_fedora_2012_9308_mysql_fc17.nasl
2012-08-10 Name : Debian Security Advisory DSA 2496-1 (mysql-5.1)
File : nvt/deb_2496_1.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0105 centos6
File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0127 centos5
File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0874 centos6
File : nvt/gb_CESA-2012_0874_mysql_centos6.nasl
2012-07-09 Name : RedHat Update for mysql RHSA-2012:0105-01
File : nvt/gb_RHSA-2012_0105-01_mysql.nasl
2012-06-28 Name : Fedora Update for mysql FEDORA-2012-9324
File : nvt/gb_fedora_2012_9324_mysql_fc16.nasl
2012-06-22 Name : RedHat Update for mysql RHSA-2012:0874-04
File : nvt/gb_RHSA-2012_0874-04_mysql.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2014-A-0106 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0053189
2014-A-0057 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0049591
2014-A-0011 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0043399
2013-A-0201 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0040782

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Date_Format denial of service attempt
RuleID : 8057 - Type : SERVER-MYSQL - Revision : 11
2020-01-07 yaSSL SSL Hello Message buffer overflow attempt
RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1
2014-01-10 create function buffer overflow attempt
RuleID : 4649 - Type : SERVER-MYSQL - Revision : 7
2017-08-23 Oracle MyPluggable Auth denial of service attempt
RuleID : 43671 - Type : SQL - Revision : 3
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40253 - Type : SERVER-MYSQL - Revision : 2
2014-01-10 client overflow attempt
RuleID : 3672 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 protocol 41 client overflow attempt
RuleID : 3671 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 secure client overflow attempt
RuleID : 3670 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 protocol 41 secure client overflow attempt
RuleID : 3669 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 client authentication bypass attempt
RuleID : 3668 - Type : SERVER-MYSQL - Revision : 13
2014-01-10 protocol 41 client authentication bypass attempt
RuleID : 3667 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 server greeting finished
RuleID : 3666 - Type : SERVER-MYSQL - Revision : 12
2014-01-10 server greeting
RuleID : 3665 - Type : SERVER-MYSQL - Revision : 11
2016-03-14 Hunter exploit kit landing page detected
RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 create function access attempt
RuleID : 3528 - Type : SERVER-MYSQL - Revision : 12
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3
2014-12-16 Oracle MySQL Server XPath memory Corruption attempt
RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2
2014-11-16 MySQL/MariaDB mysql.cc buffer overflow attempt
RuleID : 31570 - Type : SERVER-MYSQL - Revision : 3
2014-01-10 Microsoft MSN Messenger png overflow
RuleID : 3130-community - Type : PUA-OTHER - Revision : 8
2014-01-10 Microsoft MSN Messenger png overflow
RuleID : 3130 - Type : PUA-OTHER - Revision : 8

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Fedora host is missing a security update.
File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-77e610115a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-83bbd0c22f.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b4820696e1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c82fc3e109.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f67fda3db6.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4ae94c8deb.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Debian host is missing a security update.
File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO