Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle mysql 3.23.49 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2004-0836
Buffer overflow in the mysql_real_connect function in MySQL 4.x prior to 4.0.21, and 3.x prior to 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
Oracle Mysql
Debian Debian Linux 3.0
9
CVSSv2
CVE-2003-0780
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and previous versions, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
Oracle Mysql 3.23.25
Oracle Mysql 3.23.26
Oracle Mysql 3.23.32
Oracle Mysql 3.23.33
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
Oracle Mysql 3.23.54a
Oracle Mysql 3.23.55
Oracle Mysql 4.0.11
Oracle Mysql 4.0.5
Oracle Mysql 4.0.5a
Oracle Mysql 4.0.6
Mysql Mysql 4.1.0
Oracle Mysql 3.23.2
Oracle Mysql 3.23.22
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.37
Oracle Mysql 3.23.38
2 EDB exploits
9
CVSSv2
CVE-2003-0150
MySQL 3.23.55 and previous versions creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my....
Oracle Mysql 3.23.53a
Oracle Mysql 3.23.54
Oracle Mysql 3.23.54a
Oracle Mysql 3.23.55
Oracle Mysql 3.23.52
Oracle Mysql 3.23.53
1 EDB exploit
7.5
CVSSv2
CVE-2002-1809
The default configuration of the Windows binary release of MySQL 3.23.2 up to and including 3.23.52 has a NULL root password, which could allow remote malicious users to gain unauthorized root access to the MySQL database.
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.26
Oracle Mysql 3.23.27
Oracle Mysql 3.23.41
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.23.44
Oracle Mysql 3.23.45
Oracle Mysql 3.23.2
Oracle Mysql 3.23.29
Oracle Mysql 3.23.30
Oracle Mysql 3.23.38
Oracle Mysql 3.23.4
Oracle Mysql 3.23.46
Oracle Mysql 3.23.48
Oracle Mysql 3.23.9
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.37
Oracle Mysql 3.23.5
1 EDB exploit
7.5
CVSSv2
CVE-2002-1921
The default configuration of MySQL 3.20.32 up to and including 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote malicious users to connect to the database.
Oracle Mysql 3.20.32a
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.45
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.48
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.37
Oracle Mysql 3.23.38
Oracle Mysql 3.23.39
Oracle Mysql 3.23.4
Oracle Mysql 3.23.52
Oracle Mysql 3.23.8
Oracle Mysql 3.23.9
Oracle Mysql 3.22.26
Oracle Mysql 3.22.28
Oracle Mysql 3.22.30
7.5
CVSSv2
CVE-2002-1923
The default configuration in MySQL 3.20.32 up to and including 3.23.52, when running on Windows, does not have logging enabled, which could allow remote malicious users to conduct activities without detection.
Oracle Mysql 3.23.23
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.26
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.22.26
Oracle Mysql 3.22.27
Oracle Mysql 3.22.28
Oracle Mysql 3.22.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.30
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
Oracle Mysql 3.23.5
Oracle Mysql 3.23.50
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.20.32a
7.5
CVSSv2
CVE-2002-1374
The COM_CHANGE_USER command in MySQL 3.x prior to 3.23.54, and 4.x prior to 4.0.6, allows remote malicious users to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the...
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.39
Oracle Mysql 3.23.4
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53a
Oracle Mysql 3.23.8
Symantec Veritas Netbackup Advanced Reporter 3.4
Symantec Veritas Netbackup Advanced Reporter 4.5
Symantec Veritas Netbackup Global Data Manager 4.5
Symantec Veritas Netbackup Global Data Manager 4.5 Fp1
Oracle Mysql 3.22.26
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.30
Oracle Mysql 3.23.31
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.23.48
1 EDB exploit
7.5
CVSSv2
CVE-2002-1375
The COM_CHANGE_USER command in MySQL 3.x prior to 3.23.54, and 4.x to 4.0.6, allows remote malicious users to execute arbitrary code via a long response.
Oracle Mysql 3.22.27
Oracle Mysql 3.22.28
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.23.5
Oracle Mysql 3.23.50
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Symantec Veritas Netbackup Advanced Reporter 4.5 Fp3
Symantec Veritas Netbackup Advanced Reporter 4.5 Mp1
Symantec Veritas Netbackup Global Data Manager 4.5 Mp1
Symantec Veritas Netbackup Global Data Manager 4.5 Mp2
Oracle Mysql 3.22.29
Oracle Mysql 3.22.30
Oracle Mysql 3.23.26
Oracle Mysql 3.23.27
Oracle Mysql 3.23.37
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2002-1376
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote malicious users to cause a denial of service and possibly execute arbitrary...
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.38
Oracle Mysql 3.23.39
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53
Oracle Mysql 3.23.53a
Oracle Mysql 4.0.5a
Symantec Veritas Netbackup Advanced Reporter 3.4
Symantec Veritas Netbackup Global Data Manager 4.5
Symantec Veritas Netbackup Global Data Manager 4.5 Fp1
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.3
Oracle Mysql 3.23.30
Oracle Mysql 3.23.4
Oracle Mysql 3.23.40
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
6.8
CVSSv2
CVE-2004-0957
Unknown vulnerability in MySQL 3.23.58 and previous versions, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activitie...
Oracle Mysql 3.21
Oracle Mysql 3.22
Oracle Mysql 3.23
Oracle Mysql 3.23.10
Oracle Mysql 3.23.27
Oracle Mysql 3.23.28
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.23.5
Oracle Mysql 3.23.50
Oracle Mysql 3.23.56
Oracle Mysql 3.23.58
Oracle Mysql 4.0.11
Oracle Mysql 4.0.20
Oracle Mysql 4.0.3
Oracle Mysql 3.22.28
Oracle Mysql 3.22.29
Oracle Mysql 3.23.23
Oracle Mysql 3.23.24
Oracle Mysql 3.23.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »