Mysql

Mysql

93 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2007-6304

Exploit
  • EPSS 4.85%
  • Veröffentlicht 10.12.2007 21:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) vi...

3.5

CVE-2007-6303

Exploit
  • EPSS 0.55%
  • Veröffentlicht 10.12.2007 21:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE S...

4

CVE-2007-5925

  • EPSS 10.43%
  • Veröffentlicht 10.11.2007 02:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, wh...

3.5

CVE-2007-2693

  • EPSS 0.48%
  • Veröffentlicht 16.05.2007 01:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.

6

CVE-2007-2692

  • EPSS 0.71%
  • Veröffentlicht 16.05.2007 01:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.

4.9

CVE-2007-2691

  • EPSS 1.04%
  • Veröffentlicht 16.05.2007 01:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.

2.1

CVE-2007-1420

Exploit
  • EPSS 0.06%
  • Veröffentlicht 12.03.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialize...

3.5

CVE-2006-7232

  • EPSS 1.89%
  • Veröffentlicht 31.12.2006 05:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.

2.1

CVE-2006-4380

Exploit
  • EPSS 0.06%
  • Veröffentlicht 28.08.2006 18:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.

6.5

CVE-2006-4227

Exploit
  • EPSS 11.49%
  • Veröffentlicht 18.08.2006 20:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has bee...