Oracle

Mysql

1386 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2005-0710

Exploit
  • EPSS 24.22%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is pr...

2.1

CVE-2005-0711

Exploit
  • EPSS 0.35%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.

4.6

CVE-2005-0004

  • EPSS 0.04%
  • Veröffentlicht 14.04.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.

5

CVE-2005-0799

Exploit
  • EPSS 2.12%
  • Veröffentlicht 15.03.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.

6.8

CVE-2004-0957

  • EPSS 0.48%
  • Veröffentlicht 09.02.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized...

5

CVE-2004-0956

  • EPSS 1.05%
  • Veröffentlicht 10.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.

5

CVE-2004-2149

Exploit
  • EPSS 2.2%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.

7.5

CVE-2004-0835

Exploit
  • EPSS 3.65%
  • Veröffentlicht 03.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauth...

10

CVE-2004-0836

Exploit
  • EPSS 2.73%
  • Veröffentlicht 03.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length...

2.6

CVE-2004-0837

Exploit
  • EPSS 2.36%
  • Veröffentlicht 03.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.