This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 1998-12-27
Product Mysql Last view 2024-01-16
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:oracle:mysql:5.1.10:*:*:*:*:*:*:* 1156
cpe:2.3:a:oracle:mysql:5.1.11:*:*:*:*:*:*:* 1155
cpe:2.3:a:oracle:mysql:5.1.2:*:*:*:*:*:*:* 1154
cpe:2.3:a:oracle:mysql:5.1.1:*:*:*:*:*:*:* 1154
cpe:2.3:a:oracle:mysql:5.1.17:*:*:*:*:*:*:* 1153
cpe:2.3:a:oracle:mysql:5.1.16:*:*:*:*:*:*:* 1153
cpe:2.3:a:oracle:mysql:5.1.15:*:*:*:*:*:*:* 1153
cpe:2.3:a:oracle:mysql:5.1.12:*:*:*:*:*:*:* 1153
cpe:2.3:a:oracle:mysql:5.1.14:*:*:*:*:*:*:* 1153
cpe:2.3:a:oracle:mysql:5.1.13:*:*:*:*:*:*:* 1153
cpe:2.3:a:oracle:mysql:5.1.5:-:*:*:*:*:*:* 1152
cpe:2.3:a:oracle:mysql:5.1.3:*:*:*:*:*:*:* 1151
cpe:2.3:a:oracle:mysql:5.1.9:*:*:*:*:*:*:* 1151
cpe:2.3:a:oracle:mysql:5.1.6:*:*:*:*:*:*:* 1151
cpe:2.3:a:oracle:mysql:5.1.4:*:*:*:*:*:*:* 1150
cpe:2.3:a:oracle:mysql:5.1.8:*:*:*:*:*:*:* 1149
cpe:2.3:a:oracle:mysql:5.1.7:*:*:*:*:*:*:* 1149
cpe:2.3:a:oracle:mysql:5.1:*:*:*:*:*:*:* 1148
cpe:2.3:a:oracle:mysql:5.1.23:-:*:*:*:*:*:* 1146
cpe:2.3:a:oracle:mysql:5.1.21:*:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.1.18:*:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.1.22:*:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.1.19:*:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.1.30:*:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.1.20:*:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.0.1:-:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.0.2:-:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.0.4:-:*:*:*:*:*:* 1144
cpe:2.3:a:oracle:mysql:5.1.32:-:*:*:*:*:*:* 1143
cpe:2.3:a:oracle:mysql:5.0.3:-:*:*:*:*:*:* 1142
cpe:2.3:a:oracle:mysql:5.1.31:-:*:*:*:*:*:* 1141
cpe:2.3:a:oracle:mysql:5.1.33:*:*:*:*:*:*:* 1140
cpe:2.3:a:oracle:mysql:5.1.34:-:*:*:*:*:*:* 1140
cpe:2.3:a:oracle:mysql:5.1.36:*:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.39:*:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.0.15:-:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.0.16:-:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.23:a:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.0.17:-:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.40:*:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.37:-:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.35:*:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.38:*:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.0.10:-:*:*:*:*:*:* 1139
cpe:2.3:a:oracle:mysql:5.1.29:*:*:*:*:*:*:* 1138
cpe:2.3:a:oracle:mysql:5.1.24:*:*:*:*:*:*:* 1138
cpe:2.3:a:oracle:mysql:5.1.25:*:*:*:*:*:*:* 1138
cpe:2.3:a:oracle:mysql:5.1.26:*:*:*:*:*:*:* 1138
cpe:2.3:a:oracle:mysql:5.0.5:-:*:*:*:*:*:* 1138
cpe:2.3:a:oracle:mysql:5.1.27:*:*:*:*:*:*:* 1138

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.5 2024-01-16 CVE-2024-20985

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-01-16 CVE-2024-20983

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-01-16 CVE-2024-20981

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2024-01-16 CVE-2024-20977

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

6.5 2024-01-16 CVE-2024-20975

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

6.5 2024-01-16 CVE-2024-20973

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2024-01-16 CVE-2024-20971

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

5.5 2024-01-16 CVE-2024-20969

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

5.5 2024-01-16 CVE-2024-20967

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

4.9 2024-01-16 CVE-2024-20965

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2024-01-16 CVE-2024-20963

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

6.5 2024-01-16 CVE-2024-20961

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22115

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22114

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

2.7 2023-10-17 CVE-2023-22113

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

4.9 2023-10-17 CVE-2023-22112

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22111

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22110

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22104

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22103

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22097

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2023-10-17 CVE-2023-22095

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22092

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

4.9 2023-10-17 CVE-2023-22084

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

6.5 2023-10-17 CVE-2023-22079

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
12% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (7) CWE-399 Resource Management Errors
8% (7) CWE-264 Permissions, Privileges, and Access Controls
7% (6) CWE-59 Improper Link Resolution Before File Access ('Link Following')
7% (6) CWE-20 Improper Input Validation
4% (4) CWE-200 Information Exposure
3% (3) CWE-787 Out-of-bounds Write
3% (3) CWE-476 NULL Pointer Dereference
3% (3) CWE-416 Use After Free
3% (3) CWE-134 Uncontrolled Format String
2% (2) CWE-284 Access Control (Authorization) Issues
2% (2) CWE-190 Integer Overflow or Wraparound
2% (2) CWE-189 Numeric Errors
2% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (2) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
1% (1) CWE-707 Improper Enforcement of Message or Data Structure
1% (1) CWE-665 Improper Initialization
1% (1) CWE-522 Insufficiently Protected Credentials
1% (1) CWE-502 Deserialization of Untrusted Data
1% (1) CWE-494 Download of Code Without Integrity Check
1% (1) CWE-369 Divide By Zero
1% (1) CWE-362 Race Condition
1% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
1% (1) CWE-319 Cleartext Transmission of Sensitive Information
1% (1) CWE-310 Cryptographic Issues

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC-15 Command Delimiters
CAPEC-17 Accessing, Modifying or Executing Executable Files
CAPEC-60 Reusing Session IDs (aka Session Replay)
CAPEC-61 Session Fixation
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-122 Exploitation of Authorization
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-232 Exploitation of Privilege/Trust
CAPEC-234 Hijacking a privileged process

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:436 MYSQLd Double-free Vulnerability
oval:org.mitre.oval:def:442 MYSQL Privilege Escalation Vulnerability via INFO OUTFILE Select
oval:org.mitre.oval:def:11557 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symli...
oval:org.mitre.oval:def:10559 The mysqld_multi script in MySQL allows local users to overwrite arbitrary fi...
oval:org.mitre.oval:def:10693 The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp metho...
oval:org.mitre.oval:def:10479 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:10180 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated...
oval:org.mitre.oval:def:9591 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names...
oval:org.mitre.oval:def:9504 mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the...
oval:org.mitre.oval:def:9915 MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via ...
oval:org.mitre.oval:def:9918 The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4....
oval:org.mitre.oval:def:11036 sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to...
oval:org.mitre.oval:def:10312 SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0...
oval:org.mitre.oval:def:9516 mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5....
oval:org.mitre.oval:def:9827 Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ...
oval:org.mitre.oval:def:10468 MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a...
oval:org.mitre.oval:def:10729 MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca...
oval:org.mitre.oval:def:10105 MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routine...
oval:org.mitre.oval:def:10686 MySQL before 4.1.13 allows local users to cause a denial of service (persiste...
oval:org.mitre.oval:def:9530 MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data...
oval:org.mitre.oval:def:9930 The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5...
oval:org.mitre.oval:def:9559 MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not re...
oval:org.mitre.oval:def:9166 The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5....
oval:org.mitre.oval:def:20366 DSA-1413-1 mysql - multiple
oval:org.mitre.oval:def:11390 The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB en...

SAINT Exploits

Description Link
MySQL FILE privilege elevation More info here
MySQL yaSSL SSL Hello message buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78394 Oracle MySQL Server Unspecified Remote DoS (2012-0493)
78393 Oracle MySQL Server Unspecified Remote DoS (2012-0492)
78392 Oracle MySQL Server Unspecified Remote DoS (2012-0117)
78391 Oracle MySQL Server Unspecified Remote DoS (2012-0112)
78390 Oracle MySQL Server Unspecified Remote DoS (2012-0495)
78389 Oracle MySQL Server Unspecified Remote DoS (2012-0491)
78388 Oracle MySQL Server Unspecified Remote DoS (2012-0490)
78387 Oracle MySQL Server Unspecified Remote DoS (2012-0489)
78386 Oracle MySQL Server Unspecified Remote DoS (2012-0488)
78385 Oracle MySQL Server Unspecified Remote DoS (2012-0487)
78384 Oracle MySQL Server Unspecified Remote DoS (2012-0486)
78383 Oracle MySQL Server Unspecified Remote DoS (2012-0485)
78382 Oracle MySQL Server Unspecified Remote DoS (2012-0120)
78381 Oracle MySQL Server Unspecified Remote DoS (2012-0119)
78380 Oracle MySQL Server Unspecified Remote DoS (2012-0115)
78379 Oracle MySQL Server Unspecified Remote DoS (2012-0102)
78378 Oracle MySQL Server Unspecified Remote DoS (2012-0101)
78377 Oracle MySQL Server Unspecified Remote DoS (2012-0087)
78376 Oracle MySQL Server Unspecified Remote DoS (2011-2262)
78375 Oracle MySQL Server Unspecified Local DoS
78374 Oracle MySQL Server Unspecified Remote Issue (2012-0075)
78373 Oracle MySQL Server Unspecified Local Issue
78372 Oracle MySQL Server Unspecified Remote Information Disclosure
78371 Oracle MySQL Server Unspecified Remote Issue (2012-0496)
78370 Oracle MySQL Server Unspecified Remote Issue (2012-0118)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities)
File : nvt/deb_2581_1.nasl
2012-12-26 Name : Fedora Update for mysql FEDORA-2012-19823
File : nvt/gb_fedora_2012_19823_mysql_fc16.nasl
2012-12-18 Name : Fedora Update for mysql FEDORA-2012-19833
File : nvt/gb_fedora_2012_19833_mysql_fc17.nasl
2012-12-13 Name : SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
File : nvt/gb_suse_2012_0860_1.nasl
2012-12-11 Name : Ubuntu Update for mysql-5.5 USN-1658-1
File : nvt/gb_ubuntu_USN_1658_1.nasl
2012-12-10 Name : CentOS Update for mysql CESA-2012:1551 centos6
File : nvt/gb_CESA-2012_1551_mysql_centos6.nasl
2012-12-10 Name : RedHat Update for mysql RHSA-2012:1551-01
File : nvt/gb_RHSA-2012_1551-01_mysql.nasl
2012-12-10 Name : Mandriva Update for mysql MDVSA-2012:178 (mysql)
File : nvt/gb_mandriva_MDVSA_2012_178.nasl
2012-12-07 Name : MySQL Authentication Error Message User Enumeration Vulnerability
File : nvt/gb_oracle_mysql_old_auth_user_enum_vuln.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl
2012-11-26 Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows)
File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl
2012-11-15 Name : CentOS Update for mysql CESA-2012:1462 centos6
File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl
2012-11-15 Name : RedHat Update for mysql RHSA-2012:1462-01
File : nvt/gb_RHSA-2012_1462-01_mysql.nasl
2012-11-06 Name : Ubuntu Update for mysql-5.5 USN-1621-1
File : nvt/gb_ubuntu_USN_1621_1.nasl
2012-08-30 Name : Fedora Update for mysql FEDORA-2012-9308
File : nvt/gb_fedora_2012_9308_mysql_fc17.nasl
2012-08-10 Name : Debian Security Advisory DSA 2496-1 (mysql-5.1)
File : nvt/deb_2496_1.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0105 centos6
File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0127 centos5
File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl
2012-07-30 Name : CentOS Update for mysql CESA-2012:0874 centos6
File : nvt/gb_CESA-2012_0874_mysql_centos6.nasl
2012-07-09 Name : RedHat Update for mysql RHSA-2012:0105-01
File : nvt/gb_RHSA-2012_0105-01_mysql.nasl
2012-06-28 Name : Fedora Update for mysql FEDORA-2012-9324
File : nvt/gb_fedora_2012_9324_mysql_fc16.nasl
2012-06-22 Name : RedHat Update for mysql RHSA-2012:0874-04
File : nvt/gb_RHSA-2012_0874-04_mysql.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0155 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0061083
2014-A-0106 Multiple Vulnerabilities in Oracle MySQL Product Suite
Severity: Category I - VMSKEY: V0053189
2014-A-0057 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0049591
2014-A-0011 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0043399
2013-A-0201 Multiple Vulnerabilities in Oracle MySQL Products
Severity: Category I - VMSKEY: V0040782

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Date_Format denial of service attempt
RuleID : 8057 - Type : SERVER-MYSQL - Revision : 11
2020-01-14 MySQL/MariaDB Server geometry query envelope object integer overflow attempt
RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1
2020-01-07 yaSSL SSL Hello Message buffer overflow attempt
RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1
2014-01-10 create function buffer overflow attempt
RuleID : 4649 - Type : SERVER-MYSQL - Revision : 7
2017-11-30 MySQL/MariaDB Server geometry query integer overflow attempt
RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2
2017-08-23 Oracle MyPluggable Auth denial of service attempt
RuleID : 43671 - Type : SQL - Revision : 3
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2
2016-10-25 Multiple SQL products privilege escalation attempt
RuleID : 40253 - Type : SERVER-MYSQL - Revision : 2
2014-01-10 client overflow attempt
RuleID : 3672 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 protocol 41 client overflow attempt
RuleID : 3671 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 secure client overflow attempt
RuleID : 3670 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 protocol 41 secure client overflow attempt
RuleID : 3669 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 client authentication bypass attempt
RuleID : 3668 - Type : SERVER-MYSQL - Revision : 13
2014-01-10 protocol 41 client authentication bypass attempt
RuleID : 3667 - Type : SERVER-MYSQL - Revision : 11
2014-01-10 server greeting finished
RuleID : 3666 - Type : SERVER-MYSQL - Revision : 12
2014-01-10 server greeting
RuleID : 3665 - Type : SERVER-MYSQL - Revision : 11
2016-03-14 Hunter exploit kit landing page detected
RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10 create function access attempt
RuleID : 3528 - Type : SERVER-MYSQL - Revision : 12
2015-03-31 MySQL/MariaDB Server geometry query object integer overflow attempt
RuleID : 33637 - Type : SERVER-MYSQL - Revision : 4
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3
2015-01-06 Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt
RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3
2014-12-16 Oracle MySQL Server XPath memory Corruption attempt
RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Fedora host is missing a security update.
File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO
2019-01-17 Name: The remote database server is affected by multiple vulnerabilities.
File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO
2019-01-16 Name: The remote database server is affected by multiple vulnerabilities
File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-77e610115a.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-83bbd0c22f.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b4820696e1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c82fc3e109.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f67fda3db6.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Fedora host is missing a security update.
File: fedora_2018-4ae94c8deb.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Debian host is missing a security update.
File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO