Summary
Detail | |||
---|---|---|---|
Vendor | Oracle | First view | 1998-12-27 |
Product | Mysql | Last view | 2024-01-16 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.5 | 2024-01-16 | CVE-2024-20985 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2024-01-16 | CVE-2024-20983 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2024-01-16 | CVE-2024-20981 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2024-01-16 | CVE-2024-20977 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2024-01-16 | CVE-2024-20975 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2024-01-16 | CVE-2024-20973 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2024-01-16 | CVE-2024-20971 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
5.5 | 2024-01-16 | CVE-2024-20969 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
5.5 | 2024-01-16 | CVE-2024-20967 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). |
4.9 | 2024-01-16 | CVE-2024-20965 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2024-01-16 | CVE-2024-20963 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2024-01-16 | CVE-2024-20961 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22115 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22114 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
2.7 | 2023-10-17 | CVE-2023-22113 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). |
4.9 | 2023-10-17 | CVE-2023-22112 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22111 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22110 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22104 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22103 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22097 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2023-10-17 | CVE-2023-22095 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). The supported version that is affected is 8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22092 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
4.9 | 2023-10-17 | CVE-2023-22084 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
6.5 | 2023-10-17 | CVE-2023-22079 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
12% (10) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
8% (7) | CWE-399 | Resource Management Errors |
8% (7) | CWE-264 | Permissions, Privileges, and Access Controls |
7% (6) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
7% (6) | CWE-20 | Improper Input Validation |
4% (4) | CWE-200 | Information Exposure |
3% (3) | CWE-787 | Out-of-bounds Write |
3% (3) | CWE-476 | NULL Pointer Dereference |
3% (3) | CWE-416 | Use After Free |
3% (3) | CWE-134 | Uncontrolled Format String |
2% (2) | CWE-284 | Access Control (Authorization) Issues |
2% (2) | CWE-190 | Integer Overflow or Wraparound |
2% (2) | CWE-189 | Numeric Errors |
2% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
1% (1) | CWE-707 | Improper Enforcement of Message or Data Structure |
1% (1) | CWE-665 | Improper Initialization |
1% (1) | CWE-522 | Insufficiently Protected Credentials |
1% (1) | CWE-502 | Deserialization of Untrusted Data |
1% (1) | CWE-494 | Download of Code Without Integrity Check |
1% (1) | CWE-369 | Divide By Zero |
1% (1) | CWE-362 | Race Condition |
1% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
1% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
1% (1) | CWE-310 | Cryptographic Issues |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-15 | Command Delimiters |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-61 | Session Fixation |
CAPEC-62 | Cross Site Request Forgery (aka Session Riding) |
CAPEC-122 | Exploitation of Authorization |
CAPEC-180 | Exploiting Incorrectly Configured Access Control Security Levels |
CAPEC-232 | Exploitation of Privilege/Trust |
CAPEC-234 | Hijacking a privileged process |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:436 | MYSQLd Double-free Vulnerability |
oval:org.mitre.oval:def:442 | MYSQL Privilege Escalation Vulnerability via INFO OUTFILE Select |
oval:org.mitre.oval:def:11557 | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symli... |
oval:org.mitre.oval:def:10559 | The mysqld_multi script in MySQL allows local users to overwrite arbitrary fi... |
oval:org.mitre.oval:def:10693 | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp metho... |
oval:org.mitre.oval:def:10479 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated... |
oval:org.mitre.oval:def:10180 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated... |
oval:org.mitre.oval:def:9591 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names... |
oval:org.mitre.oval:def:9504 | mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the... |
oval:org.mitre.oval:def:9915 | MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via ... |
oval:org.mitre.oval:def:9918 | The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.... |
oval:org.mitre.oval:def:11036 | sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to... |
oval:org.mitre.oval:def:10312 | SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0... |
oval:org.mitre.oval:def:9516 | mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.... |
oval:org.mitre.oval:def:9827 | Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and ... |
oval:org.mitre.oval:def:10468 | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a... |
oval:org.mitre.oval:def:10729 | MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on ca... |
oval:org.mitre.oval:def:10105 | MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routine... |
oval:org.mitre.oval:def:10686 | MySQL before 4.1.13 allows local users to cause a denial of service (persiste... |
oval:org.mitre.oval:def:9530 | MySQL 5.x before 5.0.36 allows local users to cause a denial of service (data... |
oval:org.mitre.oval:def:9930 | The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5... |
oval:org.mitre.oval:def:9559 | MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not re... |
oval:org.mitre.oval:def:9166 | The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.... |
oval:org.mitre.oval:def:20366 | DSA-1413-1 mysql - multiple |
oval:org.mitre.oval:def:11390 | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB en... |
SAINT Exploits
Description | Link |
---|---|
MySQL FILE privilege elevation | More info here |
MySQL yaSSL SSL Hello message buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78394 | Oracle MySQL Server Unspecified Remote DoS (2012-0493) |
78393 | Oracle MySQL Server Unspecified Remote DoS (2012-0492) |
78392 | Oracle MySQL Server Unspecified Remote DoS (2012-0117) |
78391 | Oracle MySQL Server Unspecified Remote DoS (2012-0112) |
78390 | Oracle MySQL Server Unspecified Remote DoS (2012-0495) |
78389 | Oracle MySQL Server Unspecified Remote DoS (2012-0491) |
78388 | Oracle MySQL Server Unspecified Remote DoS (2012-0490) |
78387 | Oracle MySQL Server Unspecified Remote DoS (2012-0489) |
78386 | Oracle MySQL Server Unspecified Remote DoS (2012-0488) |
78385 | Oracle MySQL Server Unspecified Remote DoS (2012-0487) |
78384 | Oracle MySQL Server Unspecified Remote DoS (2012-0486) |
78383 | Oracle MySQL Server Unspecified Remote DoS (2012-0485) |
78382 | Oracle MySQL Server Unspecified Remote DoS (2012-0120) |
78381 | Oracle MySQL Server Unspecified Remote DoS (2012-0119) |
78380 | Oracle MySQL Server Unspecified Remote DoS (2012-0115) |
78379 | Oracle MySQL Server Unspecified Remote DoS (2012-0102) |
78378 | Oracle MySQL Server Unspecified Remote DoS (2012-0101) |
78377 | Oracle MySQL Server Unspecified Remote DoS (2012-0087) |
78376 | Oracle MySQL Server Unspecified Remote DoS (2011-2262) |
78375 | Oracle MySQL Server Unspecified Local DoS |
78374 | Oracle MySQL Server Unspecified Remote Issue (2012-0075) |
78373 | Oracle MySQL Server Unspecified Local Issue |
78372 | Oracle MySQL Server Unspecified Remote Information Disclosure |
78371 | Oracle MySQL Server Unspecified Remote Issue (2012-0496) |
78370 | Oracle MySQL Server Unspecified Remote Issue (2012-0118) |
OpenVAS Exploits
id | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2581-1 (mysql-5.1 - several vulnerabilities) File : nvt/deb_2581_1.nasl |
2012-12-26 | Name : Fedora Update for mysql FEDORA-2012-19823 File : nvt/gb_fedora_2012_19823_mysql_fc16.nasl |
2012-12-18 | Name : Fedora Update for mysql FEDORA-2012-19833 File : nvt/gb_fedora_2012_19833_mysql_fc17.nasl |
2012-12-13 | Name : SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql) File : nvt/gb_suse_2012_0860_1.nasl |
2012-12-11 | Name : Ubuntu Update for mysql-5.5 USN-1658-1 File : nvt/gb_ubuntu_USN_1658_1.nasl |
2012-12-10 | Name : CentOS Update for mysql CESA-2012:1551 centos6 File : nvt/gb_CESA-2012_1551_mysql_centos6.nasl |
2012-12-10 | Name : RedHat Update for mysql RHSA-2012:1551-01 File : nvt/gb_RHSA-2012_1551-01_mysql.nasl |
2012-12-10 | Name : Mandriva Update for mysql MDVSA-2012:178 (mysql) File : nvt/gb_mandriva_MDVSA_2012_178.nasl |
2012-12-07 | Name : MySQL Authentication Error Message User Enumeration Vulnerability File : nvt/gb_oracle_mysql_old_auth_user_enum_vuln.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln01_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln02_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln03_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln04_nov12_win.nasl |
2012-11-26 | Name : Oracle MySQL Server Multiple Vulnerability-05 Nov12 (Windows) File : nvt/gb_oracle_mysql_multiple_vuln05_nov12_win.nasl |
2012-11-15 | Name : CentOS Update for mysql CESA-2012:1462 centos6 File : nvt/gb_CESA-2012_1462_mysql_centos6.nasl |
2012-11-15 | Name : RedHat Update for mysql RHSA-2012:1462-01 File : nvt/gb_RHSA-2012_1462-01_mysql.nasl |
2012-11-06 | Name : Ubuntu Update for mysql-5.5 USN-1621-1 File : nvt/gb_ubuntu_USN_1621_1.nasl |
2012-08-30 | Name : Fedora Update for mysql FEDORA-2012-9308 File : nvt/gb_fedora_2012_9308_mysql_fc17.nasl |
2012-08-10 | Name : Debian Security Advisory DSA 2496-1 (mysql-5.1) File : nvt/deb_2496_1.nasl |
2012-07-30 | Name : CentOS Update for mysql CESA-2012:0105 centos6 File : nvt/gb_CESA-2012_0105_mysql_centos6.nasl |
2012-07-30 | Name : CentOS Update for mysql CESA-2012:0127 centos5 File : nvt/gb_CESA-2012_0127_mysql_centos5.nasl |
2012-07-30 | Name : CentOS Update for mysql CESA-2012:0874 centos6 File : nvt/gb_CESA-2012_0874_mysql_centos6.nasl |
2012-07-09 | Name : RedHat Update for mysql RHSA-2012:0105-01 File : nvt/gb_RHSA-2012_0105-01_mysql.nasl |
2012-06-28 | Name : Fedora Update for mysql FEDORA-2012-9324 File : nvt/gb_fedora_2012_9324_mysql_fc16.nasl |
2012-06-22 | Name : RedHat Update for mysql RHSA-2012:0874-04 File : nvt/gb_RHSA-2012_0874-04_mysql.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0155 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0061083 |
2014-A-0106 | Multiple Vulnerabilities in Oracle MySQL Product Suite Severity: Category I - VMSKEY: V0053189 |
2014-A-0057 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0049591 |
2014-A-0011 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0043399 |
2013-A-0201 | Multiple Vulnerabilities in Oracle MySQL Products Severity: Category I - VMSKEY: V0040782 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Date_Format denial of service attempt RuleID : 8057 - Type : SERVER-MYSQL - Revision : 11 |
2020-01-14 | MySQL/MariaDB Server geometry query envelope object integer overflow attempt RuleID : 52423 - Type : SERVER-MYSQL - Revision : 1 |
2020-01-07 | yaSSL SSL Hello Message buffer overflow attempt RuleID : 52366 - Type : SERVER-MYSQL - Revision : 1 |
2014-01-10 | create function buffer overflow attempt RuleID : 4649 - Type : SERVER-MYSQL - Revision : 7 |
2017-11-30 | MySQL/MariaDB Server geometry query integer overflow attempt RuleID : 44674 - Type : SERVER-MYSQL - Revision : 2 |
2017-08-23 | Oracle MyPluggable Auth denial of service attempt RuleID : 43671 - Type : SQL - Revision : 3 |
2016-10-25 | Multiple SQL products privilege escalation attempt RuleID : 40254 - Type : SERVER-MYSQL - Revision : 2 |
2016-10-25 | Multiple SQL products privilege escalation attempt RuleID : 40253 - Type : SERVER-MYSQL - Revision : 2 |
2014-01-10 | client overflow attempt RuleID : 3672 - Type : SERVER-MYSQL - Revision : 11 |
2014-01-10 | protocol 41 client overflow attempt RuleID : 3671 - Type : SERVER-MYSQL - Revision : 11 |
2014-01-10 | secure client overflow attempt RuleID : 3670 - Type : SERVER-MYSQL - Revision : 11 |
2014-01-10 | protocol 41 secure client overflow attempt RuleID : 3669 - Type : SERVER-MYSQL - Revision : 11 |
2014-01-10 | client authentication bypass attempt RuleID : 3668 - Type : SERVER-MYSQL - Revision : 13 |
2014-01-10 | protocol 41 client authentication bypass attempt RuleID : 3667 - Type : SERVER-MYSQL - Revision : 11 |
2014-01-10 | server greeting finished RuleID : 3666 - Type : SERVER-MYSQL - Revision : 12 |
2014-01-10 | server greeting RuleID : 3665 - Type : SERVER-MYSQL - Revision : 11 |
2016-03-14 | Hunter exploit kit landing page detected RuleID : 36543 - Type : EXPLOIT-KIT - Revision : 2 |
2014-01-10 | create function access attempt RuleID : 3528 - Type : SERVER-MYSQL - Revision : 12 |
2015-03-31 | MySQL/MariaDB Server geometry query object integer overflow attempt RuleID : 33637 - Type : SERVER-MYSQL - Revision : 4 |
2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32651 - Type : SERVER-MYSQL - Revision : 3 |
2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32650 - Type : SERVER-MYSQL - Revision : 3 |
2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32649 - Type : SERVER-MYSQL - Revision : 3 |
2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32648 - Type : SERVER-MYSQL - Revision : 3 |
2015-01-06 | Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt RuleID : 32647 - Type : SERVER-MYSQL - Revision : 3 |
2014-12-16 | Oracle MySQL Server XPath memory Corruption attempt RuleID : 32533 - Type : SERVER-MYSQL - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Fedora host is missing a security update. File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_6_43.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_5_7_25.nasl - Type: ACT_GATHER_INFO |
2019-01-17 | Name: The remote database server is affected by multiple vulnerabilities. File: mysql_8_0_14.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_10_0_37.nasl - Type: ACT_GATHER_INFO |
2019-01-16 | Name: The remote database server is affected by multiple vulnerabilities File: mariadb_5_5_42.nasl - Type: ACT_GATHER_INFO |
2019-01-07 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2019-1001.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-00e90783d2.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-242f6c1a41.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-2513b888a4.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-55b875c1ac.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-77e610115a.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-83bbd0c22f.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-b4820696e1.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-c82fc3e109.nasl - Type: ACT_GATHER_INFO |
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-f67fda3db6.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili... File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO |
2018-12-10 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1114.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1115.nasl - Type: ACT_GATHER_INFO |
2018-12-07 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1116.nasl - Type: ACT_GATHER_INFO |
2018-12-01 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-192148f4ff.nasl - Type: ACT_GATHER_INFO |
2018-11-27 | Name: The remote Fedora host is missing a security update. File: fedora_2018-4ae94c8deb.nasl - Type: ACT_GATHER_INFO |
2018-11-23 | Name: The remote Debian host is missing a security update. File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO |