U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:oracle:mysql:5.0.66:sp1:*:*:*:*:*:*
  • CPE Name Search: true
There are 183 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2013-3806

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-3798

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2013-3796

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-3795

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-2395

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.

Published: April 17, 2013; 1:55:06 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-2381

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.

Published: April 17, 2013; 1:55:06 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2013-1570

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.

Published: April 17, 2013; 1:55:03 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-1567

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.

Published: April 17, 2013; 8:19:45 AM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2013-1566

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Published: April 17, 2013; 8:19:45 AM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2012-4414

Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.

Published: January 22, 2013; 6:55:02 PM -0500
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2012-3156

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

Published: October 16, 2012; 7:55:04 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2012-3149

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.

Published: October 16, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2012-3147

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.

Published: October 16, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2012-3144

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.

Published: October 16, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-4452

MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.

Published: October 09, 2012; 7:55:05 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-1696

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Published: May 03, 2012; 6:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-0583

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.

Published: May 03, 2012; 6:55:02 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2010-3682

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.

Published: January 11, 2011; 3:00:01 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2010-3677

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.

Published: January 11, 2011; 3:00:01 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2010-2008

MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.

Published: July 13, 2010; 4:30:01 PM -0400
V3.x:(not available)
V2.0: 3.5 LOW