Oracle MySQL vulnerabilities

1,328 known vulnerabilities affecting oracle/mysql.

Total CVEs

1,328

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL12HIGH71MEDIUM1064LOW181

Vulnerabilities

Page 56 of 67

CVE-2013-5786MEDIUMCVSS 4.0≤ 5.6.12v5.6.0+11 more2013-10-16

CVE-2013-5786 [MEDIUM] CVE-2013-5786: Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated user Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5793.

nvd

CVE-2013-5807MEDIUMCVSS 4.9≥ 5.5.0, ≤ 5.5.32≥ 5.6.0, ≤ 5.6.122013-10-16

CVE-2013-5807 [MEDIUM] CVE-2013-5807: Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allow Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.

nvd

CVE-2013-5767MEDIUMCVSS 4.0≤ 5.6.12v5.6.0+11 more2013-10-16

CVE-2013-5767 [MEDIUM] CVE-2013-5767: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

nvd

CVE-2013-3839MEDIUMCVSS 4.0≥ 5.1.0, ≤ 5.1.70≥ 5.5.0, ≤ 5.5.32+1 more2013-10-16

CVE-2013-3839 [MEDIUM] CVE-2013-3839: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 a Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

nvd

CVE-2013-5793LOWCVSS 3.5≤ 5.6.12v5.6.0+11 more2013-10-16

CVE-2013-5793 [LOW] CVE-2013-5793: Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated user Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-5786.

nvd

CVE-2013-5770LOWCVSS 2.1≤ 5.6.11v5.6.0+10 more2013-10-16

CVE-2013-5770 [LOW] CVE-2013-5770: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.

nvd

CVE-2012-5627MEDIUMCVSS 4.0PoC≥ 5.5.0, < 5.5.292013-10-01

CVE-2012-5627 [MEDIUM] CWE-522 CVE-2012-5627: Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

nvd

CVE-2013-3808MEDIUMCVSS 4.0≥ 5.1.0, ≤ 5.1.68≥ 5.5.0, ≤ 5.5.30+1 more2013-07-17

CVE-2013-3808 [MEDIUM] CVE-2013-3808: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 a Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

nvd

CVE-2013-3805MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.30≥ 5.6.0, ≤ 5.6.102013-07-17

CVE-2013-3805 [MEDIUM] CVE-2013-3805: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.

nvd

CVE-2013-3794MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.30≥ 5.6.0, ≤ 5.6.102013-07-17

CVE-2013-3794 [MEDIUM] CVE-2013-3794: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

nvd

CVE-2013-3793MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.31≥ 5.6.0, ≤ 5.6.112013-07-17

CVE-2013-3793 [MEDIUM] CVE-2013-3793: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

nvd

CVE-2013-3796MEDIUMCVSS 4.0≤ 5.6.11v5.6.0+10 more2013-07-17

CVE-2013-3796 [MEDIUM] CVE-2013-3796: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

nvd

CVE-2013-3795MEDIUMCVSS 4.0≤ 5.6.11v5.6.0+10 more2013-07-17

CVE-2013-3795 [MEDIUM] CVE-2013-3795: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

nvd

CVE-2013-3798MEDIUMCVSS 5.8≤ 5.6.11v5.6.0+10 more2013-07-17

CVE-2013-3798 [MEDIUM] CVE-2013-3798: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.

nvd

CVE-2013-3801MEDIUMCVSS 5.0≥ 5.5.0, ≤ 5.5.30≥ 5.6.0, ≤ 5.6.102013-07-17

CVE-2013-3801 [MEDIUM] CVE-2013-3801: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

nvd

CVE-2013-3802MEDIUMCVSS 4.0≥ 5.1.0, ≤ 5.1.69≥ 5.5.0, ≤ 5.5.31+1 more2013-07-17

CVE-2013-3802 [MEDIUM] CVE-2013-3802: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 a Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.

nvd

CVE-2013-3806MEDIUMCVSS 4.0≤ 5.6.11v5.6.0+10 more2013-07-17

CVE-2013-3806 [MEDIUM] CVE-2013-3806: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.

nvd

CVE-2013-3807MEDIUMCVSS 4.0≤ 5.6.11v5.6.0+10 more2013-07-17

CVE-2013-3807 [MEDIUM] CVE-2013-3807: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.

nvd

CVE-2013-3783MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.312013-07-17

CVE-2013-3783 [MEDIUM] CVE-2013-3783: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows re Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.

nvd

CVE-2013-3809MEDIUMCVSS 4.0≥ 5.5.0, ≤ 5.5.31≥ 5.6.0, ≤ 5.6.112013-07-17

CVE-2013-3809 [MEDIUM] CVE-2013-3809: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.

nvd

← Previous56 / 67Next →