Mysql

Mysql

93 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2007-6304

Exploit
  • EPSS 4.85%
  • Published 10.12.2007 21:46:00
  • Last modified 09.04.2025 00:30:58

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) vi...

3.5

CVE-2007-6303

Exploit
  • EPSS 0.46%
  • Published 10.12.2007 21:46:00
  • Last modified 09.04.2025 00:30:58

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE S...

4

CVE-2007-5925

  • EPSS 10.02%
  • Published 10.11.2007 02:46:00
  • Last modified 09.04.2025 00:30:58

The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, wh...

3.5

CVE-2007-2693

  • EPSS 0.48%
  • Published 16.05.2007 01:19:00
  • Last modified 09.04.2025 00:30:58

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.

6

CVE-2007-2692

  • EPSS 0.71%
  • Published 16.05.2007 01:19:00
  • Last modified 09.04.2025 00:30:58

The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.

4.9

CVE-2007-2691

  • EPSS 1.04%
  • Published 16.05.2007 01:19:00
  • Last modified 09.04.2025 00:30:58

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

2.1

CVE-2007-1420

Exploit
  • EPSS 0.06%
  • Published 12.03.2007 23:19:00
  • Last modified 09.04.2025 00:30:58

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialize...

3.5

CVE-2006-7232

  • EPSS 1.89%
  • Published 31.12.2006 05:00:00
  • Last modified 09.04.2025 00:30:58

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

2.1

CVE-2006-4380

Exploit
  • EPSS 0.06%
  • Published 28.08.2006 18:04:00
  • Last modified 03.04.2025 01:03:51

MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.

6.5

CVE-2006-4227

Exploit
  • EPSS 11.49%
  • Published 18.08.2006 20:04:00
  • Last modified 03.04.2025 01:03:51

MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has bee...