Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mysql
(Oracle)| Repositories |
• https://github.com/madler/zlib
• https://github.com/mysql/mysql-server • https://github.com/MariaDB/server |
| #Vulnerabilities | 1237 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-05-02 | CVE-2005-0709 | MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit. | Mysql, Mysql | N/A | ||
| 2004-12-31 | CVE-2004-2149 | Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. | Mysql | N/A | ||
| 2005-02-09 | CVE-2004-0957 | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. | Openpkg, Mysql, Enterprise_linux, Enterprise_linux_desktop, Suse_linux, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-0956 | MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. | Mysql, Suse_linux, Ubuntu_linux | N/A | ||
| 2004-11-03 | CVE-2004-0836 | Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | Debian_linux, Mysql | N/A | ||
| 2004-09-28 | CVE-2004-0457 | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | Mysql | N/A | ||
| 2004-06-01 | CVE-2004-0388 | The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | Mysql | N/A | ||
| 2004-05-04 | CVE-2004-0381 | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | Mysql, Mysql | N/A | ||
| 2003-12-31 | CVE-2003-1480 | MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. | Mysql, Mysql | N/A | ||
| 2003-09-22 | CVE-2003-0780 | Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | Linux, Mysql, Mysql | N/A |