Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mysql
(Oracle)| Repositories |
• https://github.com/madler/zlib
• https://github.com/mysql/mysql-server • https://github.com/MariaDB/server |
| #Vulnerabilities | 1239 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-02-09 | CVE-2004-0957 | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. | Openpkg, Mysql, Enterprise_linux, Enterprise_linux_desktop, Suse_linux, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-0956 | MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote. | Mysql, Suse_linux, Ubuntu_linux | N/A | ||
| 2004-11-03 | CVE-2004-0836 | Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). | Debian_linux, Mysql | N/A | ||
| 2004-09-28 | CVE-2004-0457 | The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | Mysql | N/A | ||
| 2004-06-01 | CVE-2004-0388 | The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | Mysql | N/A | ||
| 2004-05-04 | CVE-2004-0381 | mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | Mysql, Mysql | N/A | ||
| 2003-12-31 | CVE-2003-1480 | MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. | Mysql, Mysql | N/A | ||
| 2003-09-22 | CVE-2003-0780 | Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | Linux, Mysql, Mysql | N/A | ||
| 2004-11-03 | CVE-2004-0835 | MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities. | Debian_linux, Mysql, Mysql | N/A | ||
| 2003-12-31 | CVE-2003-1331 | Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453. | Mysql | N/A |