Secunia SmallBusiness
Overview
Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading

Vulnerability Report: MySQL 5.x
This vulnerability report for MySQL 5.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in MySQL 5.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2013
2.2. Statistics for 2012
2.3. Statistics for 2011
2.4. Statistics for 2010
2.5. Statistics for 2009
2.6. Statistics for 2008
2.7. Statistics for 2007
2.8. Statistics for 2006
2.9. Statistics for 2005
2.10. Statistics for 2004
2.11. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2013
3.2. List for 2012
3.3. List for 2011
3.4. List for 2010
3.5. List for 2009
3.6. List for 2008
3.7. List for 2007
3.8. List for 2006
3.9. List for 2005
3.10. List for 2004
3.11. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor MySQL

Product Link View Here (Link to external site)

Affected By 39 Secunia advisories
173 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 8% (3 of 39 Secunia advisories)

Most Critical Unpatched
The most severe unpatched Secunia advisory affecting MySQL 5.x, with all vendor patches applied, is rated Moderately critical .




39 Secunia Advisories in 2003-2013
Secunia has issued a total of 39 Secunia advisories in 2003-2013 for MySQL 5.x. Currently, 8% (3 out of 39) are marked as unpatched with the most severe being rated Moderately critical

More information about the specific Secunia advisories affecting MySQL 5.x can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.



Oracle MySQL Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 5 in 2013. 803 views.
Release Date:
2013-04-17		 Secunia Advisory ID:
SA53022		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
Exposure of sensitive information
Privilege escalation
DoS
System access
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in Oracle MySQL, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges, by malicious users to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service). [Read More]

MySQL yaSSL TLS CBC Ciphersuite Plaintext Recovery Weakness
Vendor Patch. Secunia Advisory 2 of 5 in 2013. 1,378 views.
Release Date:
2013-03-21		 Secunia Advisory ID:
SA52669		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
 Where:
From local network
Short Description:
A weakness has been reported in Oracle MySQL, which can be exploited by malicious people to disclose certain sensitive information. [Read More]

Oracle MySQL yaSSL Two Buffer Overflow Vulnerabilities
Vendor Patch. Secunia Advisory 3 of 5 in 2013. 1,233 views.
Release Date:
2013-03-20		 Secunia Advisory ID:
SA52445		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
Two vulnerabilities have been reported in Oracle MySQL, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Oracle MySQL Server Geometry Query Processing Denial of Service Vulnerability
Unpatched. Secunia Advisory 4 of 5 in 2013. 1,131 views.
Release Date:
2013-03-18		 Secunia Advisory ID:
SA52639		 Solution Status:
Unpatched
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A vulnerability has been discovered in Oracle MySQL Server, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

Oracle MySQL Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 5 of 5 in 2013. 1,696 views.
Release Date:
2013-01-16		 Secunia Advisory ID:
SA51894		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
Exposure of sensitive information
DoS
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in MySQL Server, which can be exploited by malicious, local users to disclose sensitive information and manipulate data, by malicious users to cause a DoS (Denial of Service), disclose sensitive information, or manipulate data, and by malicious people to cause a DoS (Denial of Service). [Read More]

Oracle MySQL Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 8 in 2012. 3,391 views.
Release Date:
2012-12-03		 Secunia Advisory ID:
SA51427		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Brute force
DoS
System access
 Where:
From local network
Short Description:
Kingcope has reported multiple vulnerabilities in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service) and compromise a vulnerable system and by malicious people to conduct brute force attacks. [Read More]

Oracle MySQL Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 8 in 2012. 1,559 views.
Release Date:
2012-10-17		 Secunia Advisory ID:
SA51008		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
Exposure of sensitive information
DoS
System access
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. [Read More]

Oracle MySQL Server Multiple Denial of Service Vulnerabilities
Vendor Patch. Secunia Advisory 3 of 8 in 2012. 4,408 views.
Release Date:
2012-07-18		 Secunia Advisory ID:
SA49957		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 4 of 8 in 2012. 2,798 views.
Release Date:
2012-06-11		 Secunia Advisory ID:
SA49409		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Unknown
Security Bypass
DoS
 Where:
From local network
Short Description:
A security issue and two vulnerabilities have been reported in MySQL, where one has an unknown impact and others can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to bypass certain security restrictions. [Read More]

Oracle MySQL Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 5 of 8 in 2012. 1,311 views.
Release Date:
2012-04-18		 Secunia Advisory ID:
SA48890		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

Oracle MySQL Server Denial of Service and Unspecified Vulnerabilities
Vendor Patch. Secunia Advisory 6 of 8 in 2012. 2,891 views.
Release Date:
2012-04-09		 Secunia Advisory ID:
SA48744		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Unknown
DoS
 Where:
From local network
Short Description:
Three vulnerabilities have been reported in Oracle MySQL Server, where one has unknown impacts and the other can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Unspecified Code Execution Vulnerability
Unpatched. Secunia Advisory 7 of 8 in 2012. 2,281 views.
Release Date:
2012-02-09		 Secunia Advisory ID:
SA47894		 Solution Status:
Unpatched
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in MySQL, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

Oracle MySQL Server Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 8 of 8 in 2012. 2,425 views.
Release Date:
2012-01-18		 Secunia Advisory ID:
SA47586		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
Exposure of sensitive information
DoS
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious, local users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service), by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS, or by malicious people to cause a DoS. [Read More]

MySQL Multiple Denial of Service Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 7 in 2010. 2,674 views.
Release Date:
2010-11-04		 Secunia Advisory ID:
SA42097		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Some vulnerabilities have been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 2 of 7 in 2010. 5,914 views.
Release Date:
2010-10-04		 Secunia Advisory ID:
SA41716		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
DoS
 Where:
From local network
Short Description:
Multiple vulnerabilities have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service). [Read More]

MySQL Multiple Security Issues
Vendor Patch. Secunia Advisory 3 of 7 in 2010. 4,943 views.
Release Date:
2010-08-24		 Secunia Advisory ID:
SA41048		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Unknown
DoS
 Where:
From local network
Short Description:
Some security issues have been reported in MySQL, where one has unknown impacts while others can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL "ALTER DATABASE" Denial of Service
Vendor Patch. Secunia Advisory 4 of 7 in 2010. 3,611 views.
Release Date:
2010-06-29		 Secunia Advisory ID:
SA40333		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A security issue has been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 5 of 7 in 2010. 6,407 views.
Release Date:
2010-05-12		 Secunia Advisory ID:
SA39792		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
DoS
System access
 Where:
From local network
Short Description:
Some vulnerabilities have been reported in MySQL, which can be exploited by malicious users to bypass certain security restrictions or potentially compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service). [Read More]

MySQL Two Security Issues
Vendor Patch. Secunia Advisory 6 of 7 in 2010. 3,458 views.
Release Date:
2010-04-19		 Secunia Advisory ID:
SA39454		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From local network
Short Description:
Two security issues have been reported in MySQL, which can be exploited by malicious, local users and malicious users to manipulate certain data. [Read More]

MySQL yaSSL Certificate Processing Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 7 of 7 in 2010. 3,786 views.
Release Date:
2010-01-28		 Secunia Advisory ID:
SA38364		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in MySQL, which can be exploited by malicious people to compromise a vulnerable system. [Read More]

MySQL Denial of Service and Client Certificate Verification Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 4 in 2009. 6,340 views.
Release Date:
2009-11-23		 Secunia Advisory ID:
SA37372		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Spoofing
DoS
 Where:
From local network
Short Description:
Some vulnerabilities have been reported in MySQL, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to conduct spoofing attacks. [Read More]

MySQL Unspecified Buffer Overflow Vulnerability
Vendor Patch. Secunia Advisory 2 of 4 in 2009. 5,409 views.
Release Date:
2009-09-03		 Secunia Advisory ID:
SA36575		 Solution Status:
Vendor Patch
Criticality:
 Impact:
System access
 Where:
From local network
Short Description:
A vulnerability has been reported in MySQL, which can be exploited to compromise a vulnerable system. [Read More]

MySQL "dispatch_command()" Denial of Service Vulnerability
Partial Fix. Secunia Advisory 3 of 4 in 2009. 5,982 views.
Release Date:
2009-07-09		 Secunia Advisory ID:
SA35767		 Solution Status:
Partial Fix
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Nikolaos Rangos has discovered a vulnerability in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL "ExtractValue()" and "UpdateXML()" Scalar XPath Denial of Service
Vendor Patch. Secunia Advisory 4 of 4 in 2009. 7,917 views.
Release Date:
2009-03-04		 Secunia Advisory ID:
SA34115		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A vulnerability has been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL HTML Output Script Insertion Security Issue
Unpatched. Secunia Advisory 1 of 4 in 2008. 6,896 views.
Release Date:
2008-10-02		 Secunia Advisory ID:
SA32072		 Solution Status:
Unpatched
Criticality:
 Impact:
Cross Site Scripting
 Where:
From remote
Short Description:
Thomas Henlich has reported a security issue in MySQL, which can be exploited by malicious people to conduct script insertion attacks. [Read More]

MySQL Empty Bit-String Literal Denial of Service
Vendor Patch. Secunia Advisory 2 of 4 in 2008. 7,773 views.
Release Date:
2008-09-11		 Secunia Advisory ID:
SA31769		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A vulnerability has been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL MyISAM Table Privilege Check Bypass
Partial Fix. Secunia Advisory 3 of 4 in 2008. 12,511 views.
Release Date:
2008-05-08		 Secunia Advisory ID:
SA30134		 Solution Status:
Partial Fix
Criticality:
 Impact:
Security Bypass
 Where:
Local system
Short Description:
A security issue has been reported in MySQL, which can be exploited by malicious, local users to bypass certain security restrictions. [Read More]

MySQL Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 4 of 4 in 2008. 30,017 views.
Release Date:
2008-01-15		 Secunia Advisory ID:
SA28419		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Privilege escalation
DoS
System access
 Where:
From local network
Short Description:
Some vulnerabilities have been reported in MySQL, which can be exploited by by malicious users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) and to compromise a vulnerable system. [Read More]

MySQL Security Issue and Two Vulnerabilities
Vendor Patch. Secunia Advisory 1 of 6 in 2007. 14,552 views.
Release Date:
2007-12-12		 Secunia Advisory ID:
SA28063		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
Privilege escalation
DoS
 Where:
From remote
Short Description:
A security issue and two vulnerabilities have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges, manipulate certain data, or to cause a DoS (Denial of Service). [Read More]

MySQL System Table Information Overwrite Vulnerability
Vendor Patch. Secunia Advisory 2 of 6 in 2007. 16,162 views.
Release Date:
2007-12-10		 Secunia Advisory ID:
SA27981		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
Local system
Short Description:
A vulnerability has been reported in MySQL, which can be exploited by malicious, local users to manipulate certain data. [Read More]

MySQL InnoDB Denial of Service Vulnerability
Vendor Workaround. Secunia Advisory 3 of 6 in 2007. 13,466 views.
Release Date:
2007-11-19		 Secunia Advisory ID:
SA27568		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
A vulnerability has been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Denial of Service Vulnerability and Multiple Security Issues
Vendor Patch. Secunia Advisory 4 of 6 in 2007. 18,907 views.
Release Date:
2007-05-17		 Secunia Advisory ID:
SA25301		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
Privilege escalation
DoS
 Where:
From local network
Short Description:
Various security issues and a vulnerability have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges, bypass certain security restrictions and cause a DoS (Denial of Service) or malicious people to cause a DoS. [Read More]

MySQL IF Query Denial of Service Vulnerability
Vendor Patch. Secunia Advisory 5 of 6 in 2007. 20,856 views.
Release Date:
2007-05-10		 Secunia Advisory ID:
SA25188		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From local network
Short Description:
Neil Kettle has reported a vulnerability in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Single-Row Subselect and INFORMATION_SCHEMA Denial of Service
Vendor Patch. Secunia Advisory 6 of 6 in 2007. 14,088 views.
Release Date:
2007-03-12		 Secunia Advisory ID:
SA24483		 Solution Status:
Vendor Patch
Criticality:
 Impact:
DoS
 Where:
From remote
Short Description:
Some vulnerabilities have been reported in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). [Read More]

MySQL Create Database Bypass and Privilege Escalation
Vendor Workaround. Secunia Advisory 1 of 5 in 2006. 20,381 views.
Release Date:
2006-08-17		 Secunia Advisory ID:
SA21506		 Solution Status:
Vendor Workaround
Criticality:
 Impact:
Security Bypass
Privilege escalation
 Where:
From local network
Short Description:
Two vulnerabilities have been reported in MySQL, which can be exploited by malicious users to bypass certain security restrictions and perform certain actions with escalated privileges. [Read More]

MySQL MERGE Table Privilege Revoke Bypass
Vendor Patch. Secunia Advisory 2 of 5 in 2006. 21,783 views.
Release Date:
2006-08-01		 Secunia Advisory ID:
SA21259		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
 Where:
From local network
Short Description:
Peter Gulutzan has reported a vulnerability in MySQL, which can be exploited by malicious users to bypass certain security restrictions. [Read More]

MySQL Multibyte Encoding SQL Injection Vulnerability
Vendor Patch. Secunia Advisory 3 of 5 in 2006. 24,653 views.
Release Date:
2006-06-02		 Secunia Advisory ID:
SA20365		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Manipulation of data
 Where:
From remote
Short Description:
A vulnerability has been reported in MySQL, which potentially can be exploited by malicious people to conduct SQL injection attacks. [Read More]

MySQL Information Disclosure and Buffer Overflow Vulnerabilities
Vendor Patch. Secunia Advisory 4 of 5 in 2006. 24,354 views.
Release Date:
2006-05-03		 Secunia Advisory ID:
SA19929		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Exposure of sensitive information
DoS
System access
 Where:
From local network
Short Description:
Some vulnerabilities have been reported in MySQL, which can be exploited by malicious users to disclose potentially sensitive information, cause a DoS (Denial of Service) and compromise a vulnerable system. [Read More]

MySQL Query Logging Bypass Security Issue
Vendor Patch. Secunia Advisory 5 of 5 in 2006. 17,078 views.
Release Date:
2006-02-27		 Secunia Advisory ID:
SA19034		 Solution Status:
Vendor Patch
Criticality:
 Impact:
Security Bypass
 Where:
Local system
Short Description:
1dt.w0lf has discovered a security issue in MySQL, which can be exploited by malicious users to bypass certain security restrictions. [Read More]




Discuss this Product
A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.
Subject: MySQL 5.x 
No posts yet

-

You must be logged in to post a comment.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability