Oracle MySQL vulnerabilities

1,328 known vulnerabilities affecting oracle/mysql.

Total CVEs

1,328

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL12HIGH71MEDIUM1064LOW181

Vulnerabilities

Page 62 of 67

CVE-2012-0484MEDIUMCVSS 4.0v5.1v5.1.1+106 more2012-01-18

CVE-2012-0484 [MEDIUM] CVE-2012-0484: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.

nvd

CVE-2012-0115MEDIUMCVSS 4.0v5.1v5.1.1+80 more2012-01-18

CVE-2012-0115 [MEDIUM] CVE-2012-0115: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

nvd

CVE-2012-0490MEDIUMCVSS 4.0v5.1v5.1.1+106 more2012-01-18

CVE-2012-0490 [MEDIUM] CVE-2012-0490: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.

nvd

CVE-2012-0116MEDIUMCVSS 4.9v5.1v5.1.1+80 more2012-01-18

CVE-2012-0116 [MEDIUM] CVE-2012-0116: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

nvd

CVE-2012-0491MEDIUMCVSS 4.0v5.5.0v5.5.1+20 more2012-01-18

CVE-2012-0491 [MEDIUM] CVE-2012-0491: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.

nvd

CVE-2012-0488MEDIUMCVSS 4.0v5.5.0v5.5.1+20 more2012-01-18

CVE-2012-0488 [MEDIUM] CVE-2012-0488: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.

nvd

CVE-2012-0120MEDIUMCVSS 4.0v5.1v5.1.1+80 more2012-01-18

CVE-2012-0120 [MEDIUM] CVE-2012-0120: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.

nvd

CVE-2012-0492LOWCVSS 2.1v5.1v5.1.1+80 more2012-01-18

CVE-2012-0492 [LOW] CVE-2012-0492: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.

nvd

CVE-2012-0493LOWCVSS 2.1v5.5.0v5.5.1+20 more2012-01-18

CVE-2012-0493 [LOW] CVE-2012-0493: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.

nvd

CVE-2012-0117LOWCVSS 3.5v5.5.0v5.5.1+20 more2012-01-18

CVE-2012-0117 [LOW] CVE-2012-0117: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenti Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.

nvd

CVE-2012-0494LOWCVSS 1.7v5.5.0v5.5.1+20 more2012-01-18

CVE-2012-0494 [LOW] CVE-2012-0494: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.

nvd

CVE-2012-0112LOWCVSS 3.5v5.1v5.1.1+80 more2012-01-18

CVE-2012-0112 [LOW] CVE-2012-0112: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remot Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

nvd

CVE-2012-0075LOWCVSS 1.7v5.1v5.1.1+106 more2012-01-18

CVE-2012-0075 [LOW] CVE-2012-0075: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.

nvd

CVE-2012-0114LOWCVSS 3.0v5.1v5.1.1+106 more2012-01-18

CVE-2012-0114 [LOW] CVE-2012-0114: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allo Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.

nvd

CVE-2010-3839MEDIUMCVSS 4.0v5.1v5.1.1+53 more2011-01-14

CVE-2010-3839 [MEDIUM] CVE-2010-3839: MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.

nvd

CVE-2010-3834MEDIUMCVSS 4.0v5.1v5.1.1+93 more2011-01-14

CVE-2010-3834 [MEDIUM] CVE-2010-3834: Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."

nvd

CVE-2010-3836MEDIUMCVSS 4.0v5.1v5.1.1+93 more2011-01-14

CVE-2010-3836 [MEDIUM] CWE-399 CVE-2010-3836: MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users t MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.

nvd

CVE-2010-3835MEDIUMCVSS 4.0v5.1v5.1.1+53 more2011-01-14

CVE-2010-3835 [MEDIUM] CWE-189 CVE-2010-3835: MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expr

nvd

CVE-2010-3840MEDIUMCVSS 4.0v5.1v5.1.1+47 more2011-01-14

CVE-2010-3840 [MEDIUM] CVE-2010-3840: The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remo The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.

nvd

CVE-2010-3838MEDIUMCVSS 4.0v5.1v5.1.1+93 more2011-01-14

CVE-2010-3838 [MEDIUM] CVE-2010-3838: MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users t MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary t

nvd

← Previous62 / 67Next →