Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (112 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2468 1 Mysql 1 Eventum 2025-04-03 N/A
Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
CVE-2006-4305 2 Mysql, Sap-db 2 Maxdb, Sap-db 2025-04-03 N/A
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
CVE-2006-3081 3 Mysql, Oracle, Redhat 4 Mysql, Mysql, Enterprise Linux and 1 more 2025-04-03 N/A
mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
CVE-2006-1516 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-03 N/A
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
CVE-2004-1169 1 Mysql 1 Maxdb 2025-04-03 N/A
MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (application crash) via an HTTP GET request for a file that does not exist, followed by two carriage returns, which causes a NULL dereference.
CVE-2005-0081 1 Mysql 1 Maxdb 2025-04-03 N/A
MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
CVE-2006-1518 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-03 N/A
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
CVE-2005-0082 1 Mysql 1 Maxdb 2025-04-03 N/A
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
CVE-2004-0628 1 Mysql 1 Mysql 2025-04-03 N/A
Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
CVE-2004-0627 1 Mysql 1 Mysql 2025-04-03 N/A
The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
CVE-2004-1168 1 Mysql 1 Maxdb 2025-04-03 N/A
Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header.
CVE-2006-4380 2 Mysql, Redhat 2 Mysql, Enterprise Linux 2025-04-03 N/A
MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.