Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mysql
(Oracle)| Repositories |
• https://github.com/madler/zlib
• https://github.com/mysql/mysql-server • https://github.com/MariaDB/server |
| #Vulnerabilities | 1239 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-02-09 | CVE-2001-1453 | Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. | Mysql | N/A | ||
| 2001-01-19 | CVE-2001-1275 | MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking. | Mysql | N/A | ||
| 2001-01-23 | CVE-2001-1274 | Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. | Mysql | N/A | ||
| 2001-10-02 | CVE-2001-1255 | WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database. | Winmysqladmin, Mysql | N/A | ||
| 2001-06-27 | CVE-2001-0407 | Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). | Mysql | N/A | ||
| 2000-12-19 | CVE-2000-0981 | MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password. | Mysql | N/A | ||
| 2000-02-08 | CVE-2000-0148 | MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string. | Mysql | N/A | ||
| 2000-01-11 | CVE-2000-0045 | MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. | Mysql | N/A | ||
| 1998-12-27 | CVE-1999-1188 | mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | Mysql | N/A | ||
| 2017-08-08 | CVE-2017-3652 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized... | Debian_linux, Mysql | 4.2 |