U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:oracle:mysql:5.1.52:sp1
There are 27 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2013-2381

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.

Published: April 17, 2013; 1:55:06 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2013-1492

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.

Published: March 28, 2013; 7:55:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-0553

Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.

Published: March 28, 2013; 7:55:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-4414

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

Published: January 22, 2013; 6:55:02 PM -0500
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2012-0882

Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.

Published: December 21, 2012; 12:46:15 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-2749

MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.

Published: August 16, 2012; 8:55:03 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-2102

MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.

Published: August 16, 2012; 8:55:03 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2012-2122

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.

Published: June 26, 2012; 2:55:05 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM
CVE-2012-1696

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Published: May 03, 2012; 6:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0583

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.

Published: May 03, 2012; 6:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0492

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.

Published: January 18, 2012; 5:55:07 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-0490

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.

Published: January 18, 2012; 5:55:07 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0485

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.

Published: January 18, 2012; 5:55:07 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0484

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.

Published: January 18, 2012; 5:55:07 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0120

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.

Published: January 18, 2012; 5:55:06 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0119

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

Published: January 18, 2012; 5:55:06 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0118

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.

Published: January 18, 2012; 5:55:06 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2012-0116

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

Published: January 18, 2012; 5:55:06 PM -0500
V3.x:(not available)
V2.0: 4.9 MEDIUM
CVE-2012-0115

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.

Published: January 18, 2012; 5:55:06 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0114

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.

Published: January 18, 2012; 5:55:06 PM -0500
V3.x:(not available)
V2.0: 3.0 LOW