CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mysql : Security Vulnerabilities (CVSS score between 4 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2014-6484 2014-10-15 2014-10-17
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to SERVER:DML.
2 CVE-2014-6478 2014-10-15 2014-10-17
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect integrity via vectors related to SERVER:SSL:yaSSL.
3 CVE-2014-6464 2014-10-15 2014-10-17
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:INNODB DML FOREIGN KEYS.
4 CVE-2014-2419 2014-04-15 2014-06-18
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
5 CVE-2014-0412 2014-01-15 2014-03-05
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6 CVE-2014-0402 2014-01-15 2014-03-05
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
7 CVE-2014-0401 2014-01-15 2014-03-05
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.
8 CVE-2014-0386 2014-01-15 2014-03-05
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
9 CVE-2014-0384 2014-04-15 2014-04-16
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to XML.
10 CVE-2013-5891 2014-01-15 2014-03-05
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.33 and earlier and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
11 CVE-2013-3809 2013-07-17 2014-01-13
4.0
None Remote Low Single system None Partial None
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
12 CVE-2013-3808 2013-07-17 2014-02-21
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
13 CVE-2013-3805 2013-07-17 2013-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
14 CVE-2013-3804 2013-07-17 2014-02-21
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
15 CVE-2013-3802 2013-07-17 2014-02-21
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
16 CVE-2013-3794 2013-07-17 2013-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
17 CVE-2013-3793 2013-07-17 2014-01-13
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
18 CVE-2013-3783 2013-07-17 2014-01-13
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
19 CVE-2013-2392 2013-04-17 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
20 CVE-2013-2389 2013-04-17 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
21 CVE-2013-2376 2013-04-17 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
22 CVE-2013-1555 2013-04-17 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
23 CVE-2013-1523 2013-04-17 2014-02-20
4.6
None Remote High Single system Partial Partial Partial
Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
24 CVE-2013-1512 2013-04-17 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
25 CVE-2013-0383 2013-01-16 2014-02-20
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
26 CVE-2013-0371 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
27 CVE-2013-0368 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
28 CVE-2013-0367 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
29 CVE-2012-5627 255 Exec Code 2013-10-01 2014-02-20
4.0
None Remote Low Single system Partial None None
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
30 CVE-2012-3180 2012-10-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
31 CVE-2012-3173 2012-10-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
32 CVE-2012-3166 2012-10-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
33 CVE-2012-3150 2012-10-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
34 CVE-2012-3144 2012-10-16 2013-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
35 CVE-2012-2749 399 DoS 2012-08-16 2014-02-20
4.0
None Remote Low Single system None None Partial
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
36 CVE-2012-1757 2012-07-17 2014-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
37 CVE-2012-1756 2012-07-17 2014-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
38 CVE-2012-1734 2012-07-17 2014-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
39 CVE-2012-1705 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
40 CVE-2012-1697 2012-05-03 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
41 CVE-2012-1696 2012-05-03 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
42 CVE-2012-1690 2012-05-03 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
43 CVE-2012-1689 2012-07-17 2014-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
44 CVE-2012-1688 2012-05-03 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
45 CVE-2012-0583 2012-05-03 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
46 CVE-2012-0578 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
47 CVE-2012-0574 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
48 CVE-2012-0572 2013-01-16 2014-02-20
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
49 CVE-2012-0540 2012-07-17 2014-10-10
4.0
None Remote Low Single system None None Partial
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
50 CVE-2012-0496 2012-01-18 2014-02-20
4.3
None Remote Medium Multiple systems Partial Partial None
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Total number of vulnerabilities : 108   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.