Total
1194 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2450 | 1 Oracle | 1 Mysql | 2014-04-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||||
| CVE-2014-2444 | 1 Oracle | 1 Mysql | 2014-04-16 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to InnoDB. | |||||
| CVE-2014-2442 | 1 Oracle | 1 Mysql | 2014-04-16 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM. | |||||
| CVE-2014-2451 | 1 Oracle | 1 Mysql | 2014-04-16 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges. | |||||
| CVE-2013-2381 | 1 Oracle | 1 Mysql | 2014-02-20 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges. | |||||
| CVE-2013-2395 | 1 Oracle | 1 Mysql | 2014-02-20 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567. | |||||
| CVE-2013-1567 | 1 Oracle | 1 Mysql | 2014-02-20 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395. | |||||
| CVE-2013-1570 | 1 Oracle | 1 Mysql | 2014-02-20 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached. | |||||
| CVE-2013-1566 | 1 Oracle | 1 Mysql | 2014-02-20 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||
| CVE-2012-2122 | 2 Mariadb, Oracle | 2 Mariadb, Mysql | 2014-02-20 | 5.1 MEDIUM | N/A |
| sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value. | |||||
| CVE-2013-3796 | 1 Oracle | 1 Mysql | 2013-10-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2013-3795 | 1 Oracle | 1 Mysql | 2013-10-10 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language. | |||||
| CVE-2013-3798 | 1 Oracle | 1 Mysql | 2013-10-10 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached. | |||||
| CVE-2012-5383 | 1 Oracle | 1 Mysql | 2013-03-01 | 6.2 MEDIUM | N/A |
| ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation. | |||||