Filtered by vendor Oracle
Subscribe
Search
Total
8935 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0882 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 7.5 HIGH | N/A |
| Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE. | |||||
| CVE-2012-0583 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM. | |||||
| CVE-2013-1555 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition. | |||||
| CVE-2012-2749 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index. | |||||
| CVE-2012-1688 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML. | |||||
| CVE-2012-1689 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2012-1690 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703. | |||||
| CVE-2010-3835 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table. | |||||
| CVE-2013-1548 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.5 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types. | |||||
| CVE-2012-1696 | 2 Mysql, Oracle | 5 Mysql, Mysql Community Server, Mysql Server and 2 more | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2009-0819 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure. | |||||
| CVE-2012-1697 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition. | |||||
| CVE-2012-1702 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2013-1506 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 2.8 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking. | |||||
| CVE-2013-2392 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2013-2391 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.0 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install. | |||||
| CVE-2013-2389 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||
| CVE-2010-3683 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request. | |||||
| CVE-2010-3682 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function. | |||||
| CVE-2010-3839 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements. | |||||
| CVE-2010-3840 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points. | |||||
| CVE-2010-3681 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure. | |||||
| CVE-2010-3680 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure. | |||||
| CVE-2012-0120 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492. | |||||
| CVE-2014-0386 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||||
| CVE-2014-0393 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.3 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB. | |||||
| CVE-2014-0401 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2014-0402 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking. | |||||
| CVE-2012-0119 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. | |||||
| CVE-2012-1734 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2014-0437 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.5 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. | |||||
| CVE-2012-2102 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.5 LOW | N/A |
| MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT. | |||||
| CVE-2012-3197 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.5 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication. | |||||
| CVE-2013-3802 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search. | |||||
| CVE-2012-0485 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492. | |||||
| CVE-2012-3180 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2012-3173 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin. | |||||
| CVE-2012-0112 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 3.5 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492. | |||||
| CVE-2013-3808 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options. | |||||
| CVE-2013-3804 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2012-0113 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118. | |||||
| CVE-2012-3150 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2012-1705 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. | |||||
| CVE-2012-0540 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension. | |||||
| CVE-2013-5908 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 2.6 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling. | |||||
| CVE-2011-2262 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2013-0383 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking. | |||||
| CVE-2014-0412 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. | |||||
| CVE-2012-0118 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113. | |||||
| CVE-2006-3486 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2019-12-17 | 2.1 LOW | N/A |
| ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability. | |||||