Search CVE reports
111 – 120 of 122 results
Some fixes available 5 of 7
The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that...
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 5 of 7
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete...
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 5 of 7
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 2 of 3
The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 2 of 6
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute...
4 affected packages
mysql-5.1, mysql-cluster-7.0, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-cluster-7.0 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 8 of 10
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2,...
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 8 of 12
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with...
5 affected packages
mysql-5.1, mysql-dfsg, mysql-dfsg-4.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg | — | — | — | — |
| mysql-dfsg-4.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 5 of 9
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of...
5 affected packages
mysql-5.1, mysql-dfsg, mysql-dfsg-4.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg | — | — | — | — |
| mysql-dfsg-4.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
Some fixes available 4 of 5
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly...
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue()...
3 affected packages
mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mysql-5.1 | — | — | — | — |
| mysql-dfsg-5.0 | — | — | — | — |
| mysql-dfsg-5.1 | — | — | — | — |