Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mysql vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-0056
Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x prior to 0.6.2 and 0.7.x prior to 0.7pre3 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via crafted pas...
Pam-mysql Pam-mysql 0.1
Pam-mysql Pam-mysql 0.2
Pam-mysql Pam-mysql 0.7 Pre2
Pam-mysql Pam-mysql 0.6
Pam-mysql Pam-mysql 0.7 Pre1
Pam-mysql Pam-mysql 0.3
Pam-mysql Pam-mysql 0.4
Pam-mysql Pam-mysql 0.4.7
Pam-mysql Pam-mysql 0.5
312
VMScore
CVE-2013-2381
Unspecified vulnerability in Oracle MySQL 5.6.10 and previous versions allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
Oracle Mysql 5.6.7
Oracle Mysql 5.6.8
Oracle Mysql 5.5.23
Oracle Mysql 5.5.22
Oracle Mysql 5.5.19
Oracle Mysql 5.5.18
Oracle Mysql 5.5.11
Oracle Mysql 5.5.10
Oracle Mysql 5.1.61
Oracle Mysql 5.1.58
Oracle Mysql 5.1.59
Oracle Mysql
Oracle Mysql 5.6.5
Oracle Mysql 5.6.1
Oracle Mysql 5.5.26
Oracle Mysql 5.5.27
Oracle Mysql 5.5.28
Oracle Mysql 5.5.17
Oracle Mysql 5.5.16
Oracle Mysql 5.1.67
Oracle Mysql 5.1.62
Oracle Mysql 5.1.56
910
VMScore
CVE-2003-0780
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and previous versions, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
Oracle Mysql 3.23.25
Oracle Mysql 3.23.26
Oracle Mysql 3.23.32
Oracle Mysql 3.23.33
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
Oracle Mysql 3.23.54a
Oracle Mysql 3.23.55
Oracle Mysql 4.0.11
Oracle Mysql 4.0.5
Oracle Mysql 4.0.5a
Oracle Mysql 4.0.6
Mysql Mysql 4.1.0
Oracle Mysql 3.23.2
Oracle Mysql 3.23.22
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.37
Oracle Mysql 3.23.38
2 EDB exploits
445
VMScore
CVE-2002-1373
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x prior to 3.23.54 allows remote malicious users to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
Oracle Mysql 3.22.29
Oracle Mysql 3.22.30
Oracle Mysql 3.23.26
Oracle Mysql 3.23.27
Oracle Mysql 3.23.28
Oracle Mysql 3.23.37
Oracle Mysql 3.23.38
Oracle Mysql 3.23.44
Oracle Mysql 3.23.45
Oracle Mysql 3.23.52
Oracle Mysql 3.23.53
Oracle Mysql 4.0.3
Oracle Mysql 4.0.5a
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.39
Oracle Mysql 3.23.4
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.53a
755
VMScore
CVE-2002-1809
The default configuration of the Windows binary release of MySQL 3.23.2 up to and including 3.23.52 has a NULL root password, which could allow remote malicious users to gain unauthorized root access to the MySQL database.
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.26
Oracle Mysql 3.23.27
Oracle Mysql 3.23.41
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.23.44
Oracle Mysql 3.23.45
Oracle Mysql 3.23.2
Oracle Mysql 3.23.29
Oracle Mysql 3.23.30
Oracle Mysql 3.23.38
Oracle Mysql 3.23.4
Oracle Mysql 3.23.46
Oracle Mysql 3.23.48
Oracle Mysql 3.23.9
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.37
Oracle Mysql 3.23.5
1 EDB exploit
632
VMScore
CVE-2007-5969
MySQL Community Server 5.0.x prior to 5.0.51, Enterprise Server 5.0.x prior to 5.0.52, Server 5.1.x prior to 5.1.23, and Server 6.0.x prior to 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated u...
Mysql Mysql Server 6.0
Mysql Mysql Server 6.0.3
Mysql Mysql Server 6.0.1
Mysql Mysql Server 5.1.22
Mysql Mysql Server 6.0.2
Mysql Community Server 5.0.45
Mysql Community Server 5.0.41
Mysql Community Server 5.0.44
Mysql Community Server
Mysql Mysql Enterprise Server 5.0.50
668
VMScore
CVE-2002-1921
The default configuration of MySQL 3.20.32 up to and including 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote malicious users to connect to the database.
Oracle Mysql 3.20.32a
Oracle Mysql 3.23.28
Oracle Mysql 3.23.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.45
Oracle Mysql 3.23.46
Oracle Mysql 3.23.47
Oracle Mysql 3.23.48
Oracle Mysql 3.22.32
Oracle Mysql 3.23.10
Oracle Mysql 3.23.2
Oracle Mysql 3.23.23
Oracle Mysql 3.23.37
Oracle Mysql 3.23.38
Oracle Mysql 3.23.39
Oracle Mysql 3.23.4
Oracle Mysql 3.23.52
Oracle Mysql 3.23.8
Oracle Mysql 3.23.9
Oracle Mysql 3.22.26
Oracle Mysql 3.22.28
Oracle Mysql 3.22.30
668
VMScore
CVE-2002-1923
The default configuration in MySQL 3.20.32 up to and including 3.23.52, when running on Windows, does not have logging enabled, which could allow remote malicious users to conduct activities without detection.
Oracle Mysql 3.23.23
Oracle Mysql 3.23.24
Oracle Mysql 3.23.25
Oracle Mysql 3.23.26
Oracle Mysql 3.23.40
Oracle Mysql 3.23.41
Oracle Mysql 3.22.26
Oracle Mysql 3.22.27
Oracle Mysql 3.22.28
Oracle Mysql 3.22.29
Oracle Mysql 3.23.3
Oracle Mysql 3.23.30
Oracle Mysql 3.23.31
Oracle Mysql 3.23.34
Oracle Mysql 3.23.36
Oracle Mysql 3.23.48
Oracle Mysql 3.23.49
Oracle Mysql 3.23.5
Oracle Mysql 3.23.50
Oracle Mysql 3.23.42
Oracle Mysql 3.23.43
Oracle Mysql 3.20.32a
312
VMScore
CVE-2012-3156
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and previous versions allows remote authenticated users to affect availability via unknown vectors related to Server.
Oracle Mysql
Oracle Mysql 5.5.24
Oracle Mysql 5.5.16
Oracle Mysql 5.5.15
Oracle Mysql 5.5.7
Oracle Mysql 5.5.0
Oracle Mysql 5.5.21
Oracle Mysql 5.5.20
Oracle Mysql 5.5.12
Oracle Mysql 5.5.11
Oracle Mysql 5.5.4
Oracle Mysql 5.5.3
Oracle Mysql 5.5.19
Oracle Mysql 5.5.18
Oracle Mysql 5.5.17
Oracle Mysql 5.5.10
Oracle Mysql 5.5.9
Oracle Mysql 5.5.2
Oracle Mysql 5.5.1
Oracle Mysql 5.5.23
Oracle Mysql 5.5.22
Oracle Mysql 5.5.14
356
VMScore
CVE-2012-3144
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and previous versions allows remote authenticated users to affect availability via unknown vectors related to Server.
Oracle Mysql
Oracle Mysql 5.5.21
Oracle Mysql 5.5.20
Oracle Mysql 5.5.6
Oracle Mysql 5.5.16
Oracle Mysql 5.5.2
Oracle Mysql 5.5.11
Oracle Mysql 5.5.22
Oracle Mysql 5.5.24
Oracle Mysql 5.5.25
Oracle Mysql 5.5.18
Oracle Mysql 5.5.14
Oracle Mysql 5.5.4
Oracle Mysql 5.5.5
Oracle Mysql 5.5.17
Oracle Mysql 5.5.1
Oracle Mysql 5.5.13
Oracle Mysql 5.5.12
Oracle Mysql 5.5.10
Oracle Mysql 5.5.23
Oracle Mysql 5.5.9
Oracle Mysql 5.5.19
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »