) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:oracle:mysql:5.5.11
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2012-5612 |
Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands. Published: December 03, 2012; 7:49:43 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.5 MEDIUM |
| CVE-2012-3197 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication. Published: October 16, 2012; 8:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
| CVE-2012-3180 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Published: October 16, 2012; 8:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-3177 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server. Published: October 16, 2012; 8:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2012-3173 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin. Published: October 16, 2012; 8:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-3167 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search. Published: October 16, 2012; 8:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
| CVE-2012-3166 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Published: October 16, 2012; 8:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-3163 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. Published: October 16, 2012; 8:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.0 HIGH |
| CVE-2012-3160 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation. Published: October 16, 2012; 7:55:04 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
| CVE-2012-3158 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol. Published: October 16, 2012; 7:55:04 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2012-3156 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. Published: October 16, 2012; 7:55:04 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
| CVE-2012-3150 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. Published: October 16, 2012; 7:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-3149 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client. Published: October 16, 2012; 7:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
| CVE-2012-3147 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client. Published: October 16, 2012; 7:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |
| CVE-2012-3144 |
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server. Published: October 16, 2012; 7:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-2750 |
Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility. Published: August 16, 2012; 8:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2012-2749 |
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index. Published: August 16, 2012; 8:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-2102 |
MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. Published: August 16, 2012; 8:55:03 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
| CVE-2012-1757 |
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. Published: July 17, 2012; 7:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
| CVE-2012-1756 |
Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors. Published: July 17, 2012; 6:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |