Max CVSS | 6.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-2692 | 6.0 |
The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
|
17-12-2019 - 20:16 | 16-05-2007 - 01:19 | |
CVE-2007-2693 | 3.5 |
MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
|
17-12-2019 - 20:06 | 16-05-2007 - 01:19 | |
CVE-2007-2691 | 4.9 |
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. The vendor has released a product update to address
|
19-10-2018 - 19:00 | 16-05-2007 - 01:19 | |
CVE-2007-3782 | 3.5 |
MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
|
15-10-2018 - 21:30 | 15-07-2007 - 22:30 | |
CVE-2007-3781 | 4.0 |
MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
|
15-10-2018 - 21:30 | 15-07-2007 - 22:30 | |
CVE-2007-3780 | 5.0 |
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
|
15-10-2018 - 21:30 | 15-07-2007 - 22:30 |