Search Results (Refine Search)
- CPE Product Version: cpe:/a:mysql:mysql:5.1.38
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-15945 |
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera packages before 2017-09-29 have chown calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to the mysql account for creation of a link. Published: October 27, 2017; 5:29:00 PM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2010-3682 |
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. Published: January 11, 2011; 3:00:01 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2010-3677 |
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column. Published: January 11, 2011; 3:00:01 PM -0500 |
V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2010-1626 |
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247. Published: May 21, 2010; 1:30:01 PM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2010-1621 |
The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command. Published: May 14, 2010; 3:30:01 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |