This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-25 07:15:41 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
7f8cecea-f199-11da-8422-00123ffe8333 | MySQL -- SQL-injection security vulnerability MySQL reports:
Discovery 2006-05-31 Entry 2006-06-01 mysql-server ge 5.1 le 5.1.9 ge 5.0 lt 5.0.22 ge 4.1 lt 4.1.20 http://lists.mysql.com/announce/364 http://lists.mysql.com/announce/365 |
738f8f9e-d661-11dd-a765-0030843d3802 | mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths MySQL Team reports:
Discovery 2008-07-03 Entry 2008-12-30 mysql-server ge 4.1 lt 4.1.25 ge 5.0 lt 5.0.75 ge 5.1 lt 5.1.28 ge 6.0 lt 6.0.6 CVE-2008-2079 CVE-2008-4097 CVE-2008-4098 http://bugs.mysql.com/bug.php?id=32167 http://dev.mysql.com/doc/refman/4.1/en/news-4-1-25.html http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-75.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-28.html http://dev.mysql.com/doc/refman/6.0/en/news-6-0-6.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480292#25 |
388d9ee4-7f22-11dd-a66a-0019666436c2 | mysql -- MyISAM table privileges security bypass vulnerability SecurityFocus reports:
Discovery 2008-05-05 Entry 2008-09-10 Modified 2008-10-10 mysql-server ge 6.0 lt 6.0.5 ge 5.1 lt 5.1.24 ge 5.0 lt 5.0.67 ge 4.1 lt 4.1.22_1 29106 CVE-2008-2079 |
eeae6cce-d05c-11d9-9aed-000e0c2e438a | mysql-server -- insecure temporary file creation A Zataz advisory reports that MySQL contains a security flaw which could allow a malicious local user to inject arbitrary SQL commands during the initial database creation process. The problem lies in the mysql_install_db script which creates temporary files based on the PID used by the script. Discovery 2005-05-07 Entry 2005-07-09 mysql-server gt 4.1 lt 4.1.12 gt 5.0 lt 5.0.6 13660 CVE-2005-1636 http://www.zataz.net/adviso/mysql-05172005.txt |
a0e92718-6603-11db-ab90-000e35fd8194 | mysql -- database "case-sensitive" privilege escalation Michal Prokopiuk reports a privilege escalation in MySQL. The vulnerability causes MySQL, when run on case-sensitive filesystems, to allow remote and local authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. Discovery 2006-08-09 Entry 2006-10-29 mysql-server ge 5.1 lt 5.1.12 ge 5.0 lt 5.0.25 < 4.1.21 19559 CVE-2006-4226 http://bugs.mysql.com/bug.php?id=17647 |
619ef337-949a-11d9-b813-00d05964249f | mysql-server -- multiple remote vulnerabilities SecurityFocus reports:
Discovery 2005-03-11 Entry 2005-03-14 mysql-server ge 4.0.0 lt 4.0.24 ge 4.1.0 lt 4.1.10a 12781 CVE-2005-0709 CVE-2005-0710 CVE-2005-0711 |
4913886c-e875-11da-b9f4-00123ffe8333 | MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities Secunia reports:
Discovery 2006-05-02 Entry 2006-06-01 mysql-server gt 4.0 lt 4.0.27 gt 4.1 lt 4.1.19 gt 5.1 le 5.1.9 CVE-2006-1516 CVE-2006-1517 CVE-2006-1518 602457 http://www.wisec.it/vulns.php?page=7 http://www.wisec.it/vulns.php?page=8 http://dev.mysql.com/doc/refman/4.1/en/news-4-0-27.html http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html http://dev.mysql.com/doc/refman/5.1/en/news-5-1-10.html http://secunia.com/advisories/19929/ http://www.vuxml.org/freebsd/a8d8713e-dc83-11da-a22b-000c6ec775d9.html |
8c451386-dff3-11dd-a765-0030843d3802 | mysql -- privilege escalation and overwrite of the system table information MySQL reports:
Discovery 2007-11-14 Entry 2009-01-11 mysql-server ge 4.1 lt 4.1.24 ge 5.0 lt 5.0.51 ge 5.1 lt 5.1.23 ge 6.0 lt 6.0.4 CVE-2007-5969 26765 http://bugs.mysql.com/bug.php?id=32111 |
bb4e9a44-dff2-11dd-a765-0030843d3802 | mysql -- renaming of arbitrary tables by authenticated users MySQL reports:
Discovery 2007-05-14 Entry 2009-01-11 mysql-server ge 4.1 lt 4.1.23 ge 5.0 lt 5.0.42 ge 5.1 lt 5.1.18 CVE-2007-2691 24016 http://bugs.mysql.com/bug.php?id=27515 |
fcb90eb0-2ace-11db-a6e2-000e0c2e438a | mysql -- format string vulnerability Jean-David Maillefer reports a Denial of Service vulnerability
within MySQL. The vulnerability is caused by improper checking
of the data_format routine, which cause the MySQL server to
crash. The crash is triggered by the following code: Discovery 2006-06-27 Entry 2006-08-13 mysql-server ge 5.1 lt 5.1.6 ge 5.0 lt 5.0.19 ge 4.1 lt 4.1.18 19032 CVE-2006-3469 http://bugs.mysql.com/bug.php?id=20729 |
240ac24c-dff3-11dd-a765-0030843d3802 | mysql -- remote dos via malformed password packet MySQL reports:
Discovery 2007-07-15 Entry 2009-01-11 mysql-server ge 4.1 lt 4.1.24 ge 5.0 lt 5.0.44 ge 5.1 lt 5.1.20 CVE-2007-3780 25017 http://bugs.mysql.com/bug.php?id=28984 |