Total
1284 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-0113 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118. | |||||
CVE-2012-0112 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 3.5 LOW | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. | |||||
CVE-2012-0102 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101. | |||||
CVE-2012-0101 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102. | |||||
CVE-2012-0087 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102. | |||||
CVE-2012-0075 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 1.7 LOW | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors. | |||||
CVE-2011-2262 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors. | |||||
CVE-2010-3840 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points. | |||||
CVE-2010-3839 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements. | |||||
CVE-2010-3838 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table." | |||||
CVE-2010-3837 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object. | |||||
CVE-2010-3836 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers. | |||||
CVE-2010-3835 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table. | |||||
CVE-2010-3834 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments." | |||||
CVE-2010-3833 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 5.0 MEDIUM | N/A |
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT." | |||||
CVE-2010-3683 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request. | |||||
CVE-2010-3682 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. | |||||
CVE-2010-3681 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. | |||||
CVE-2010-3680 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure. | |||||
CVE-2010-3679 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-11-21 | 4.0 MEDIUM | N/A |
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind. |