Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mysql vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-7494
Samba since version 3.5.0 and prior to 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Samba Samba
Debian Debian Linux 8.0
2 EDB exploits
2 Nmap scripts
123 Github repositories
3 Articles
10
CVSSv2
CVE-2014-9906
Use-after-free vulnerability in DBD::mysql prior to 4.029 allows malicious users to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
Debian Debian Linux 8.0
Dbd-mysql Project Dbd-mysql
10
CVSSv2
CVE-2013-4316
Apache Struts 2.0.0 up to and including 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.
Apache Struts 2.3.12
Apache Struts 2.3.1.2
Apache Struts 2.3.1.1
Apache Struts 2.3.1
Apache Struts 2.0.9
Apache Struts 2.0.8
Apache Struts 2.0.7
Apache Struts 2.0.6
Apache Struts 2.0.0
Apache Struts 2.3.15.1
Apache Struts 2.3.4.1
Apache Struts 2.3.4
Apache Struts 2.3.3
Apache Struts 2.3.15
Apache Struts 2.1.8.1
Apache Struts 2.1.8
Apache Struts 2.1.6
Apache Struts 2.1.5
Apache Struts 2.1.4
Apache Struts 2.0.14
Apache Struts 2.0.13
Apache Struts 2.0.12
10
CVSSv2
CVE-2012-2750
Unspecified vulnerability in MySQL 5.5.x prior to 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
Oracle Mysql
Mariadb Mariadb
Debian Debian Linux 6.0
10
CVSSv2
CVE-2008-7251
libraries/File.class.php in phpMyAdmin 2.11.x prior to 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.
Phpmyadmin Phpmyadmin 2.11.0rc1
Phpmyadmin Phpmyadmin 2.11.5.2
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.6rc1
Phpmyadmin Phpmyadmin 2.11.2.0
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.1.0
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.9.6
Phpmyadmin Phpmyadmin 2.11.9.4
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.0beta1
Phpmyadmin Phpmyadmin 2.11.5rc1
Phpmyadmin Phpmyadmin 2.11.2.1
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.3.0
Phpmyadmin Phpmyadmin 2.11.9.2
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.0.0
Phpmyadmin Phpmyadmin 2.11.8
Phpmyadmin Phpmyadmin 2.11.7
10
CVSSv2
CVE-2008-7252
libraries/File.class.php in phpMyAdmin 2.11.x prior to 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.
Phpmyadmin Phpmyadmin 2.11.3rc1
Phpmyadmin Phpmyadmin 2.11.3
Phpmyadmin Phpmyadmin 2.11.9
Phpmyadmin Phpmyadmin 2.11.0beta1
Phpmyadmin Phpmyadmin 2.11.9.0
Phpmyadmin Phpmyadmin 2.11.6.0
Phpmyadmin Phpmyadmin 2.11.9.1
Phpmyadmin Phpmyadmin 2.11.2
Phpmyadmin Phpmyadmin 2.11.2.2
Phpmyadmin Phpmyadmin 2.11.4
Phpmyadmin Phpmyadmin 2.11.0.0
Phpmyadmin Phpmyadmin 2.11.9.5
Phpmyadmin Phpmyadmin 2.11.7
Phpmyadmin Phpmyadmin 2.11.1rc1
Phpmyadmin Phpmyadmin 2.11.0rc1
Phpmyadmin Phpmyadmin 2.11.7.0
Phpmyadmin Phpmyadmin 2.11.6
Phpmyadmin Phpmyadmin 2.11.9.3
Phpmyadmin Phpmyadmin 2.11.1.2
Phpmyadmin Phpmyadmin 2.11.5.0
Phpmyadmin Phpmyadmin 2.11.1
Phpmyadmin Phpmyadmin 2.11.9.4
10
CVSSv2
CVE-2009-3102
The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x prior to 2.1.1 allows remote malicious users to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
Zmanda Zrm For My Sql 2.1
10
CVSSv2
CVE-2009-0617
Cisco Application Networking Manager (ANM) prior to 2.0 uses a default MySQL root password, which makes it easier for remote malicious users to execute arbitrary operating-system commands or change system files.
Cisco Application Networking Manager
Cisco Application Networking Manager 1.1
10
CVSSv2
CVE-2007-2429
ManageEngine PasswordManager Pro (PMP) allows remote malicious users to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of t...
Manageengine Passwordmanager Pro
1 EDB exploit
10
CVSSv2
CVE-2006-5675
Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite prior to 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these s...
Pentaho Business Intelligence Suite 1.2 Rc2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »