Mysql

mysql

Vendor: Mysql • 92 CVEs

CVEs (92)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2005-2558 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 Aug 16, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary...Show more Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.Show less
CVE-2005-1636 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 May 17, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by mo...Show more mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.Show less
CVE-2005-0711 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 2.1 LOW· v2 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink att...Show more MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.Show less
CVE-2005-0710 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the...Show more MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.Show less
CVE-2005-0709 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strc...Show more MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.Show less
CVE-2004-0628 1Mysql 1Mysql Apr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
CVE-2004-0627 1Mysql 1Mysql Apr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
CVE-2004-0837 3Debian MysqlOracle 3Debian Linux MysqlMysql Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 2.6 LOW· v2 MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
CVE-2004-0835 3Debian MysqlOracle 3Debian Linux MysqlMysql Apr 16, 2026 Nov 3, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could all...Show more MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.Show less
CVE-2004-0381 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 May 4, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
CVE-2003-1480 2Mysql Oracle 2Mysql Mysql Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 4.3 MEDIUM· v2 MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
CVE-2003-0780 3Conectiva MysqlOracle 3Linux MysqlMysql Apr 16, 2026 Sep 22, 2003 N/A· v4 N/A· v3 9.0 HIGH· v2 Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

Previous 1 2 3 45