Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
MySQL Comunity Edition Number Of NVD 1286 CRITICAL 7 HIGH 76 MEDIUM 1021 LOW 173
URL https://www.mysql.com/jp/products/community/
Explanation It is an open source, free relational database management system (RDBMS) that is used around the world.
Its performance and functionality are sufficient for commercial use, and it is used for more than just the backend of web applications.
With the merger of Sun Microsystems into Oracle, it was feared that it might no longer be available for free commercial use, but it is still available under the GPL license for cloud backend and internal use.
It is still used as a backend for many web applications (WordPress, Facebook, etc.).

Since it has been merged with Oracle, the development speed has been increased, and the latest version is a higher performance, higher functionality relational database management system (RDBMS).

You can also get technical support by paying a support fee.

It has become one of the open source combinations called LAMP (Linux, Apache, MySQL [MariaDB], PHP).
Tag
  • GPL v2
  • オープンソース
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://dev.mysql.com/downloads/mysql/
2 https://endoflife.software/applications/databases/mysql
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1221 MySQL 8.1 8.1.0 July 18, 2023 July 18, 2023 0 0 0 0
1222 New!! MySQL 8 8.0.45 Jan. 20, 2029 April 19, 2018 April 19, 2026 4 25 565 54
1223 MySQL 5.7 5.7.44 Oct. 25, 2023 Jan. 21, 2015 Oct. 21, 2023 6 26 356 33
1224 MySQL 5.6 5.6.51 Jan. 20, 2021 Feb. 5, 2013 Feb. 5, 2021 5 28 359 90
1225 MySQL 5.5 5.5.62 Oct. 22, 2018 Oct. 3, 2010 Jan. 3, 2018 3 26 347 92
1226 MySQL 7.6 7.6.9 Jan. 1, 2000 0 2 40 16
1227 MySQL 7.5 7.5.9 Jan. 1, 2000 0 2 39 15
1228 MySQL 7.4 7.4.9 Jan. 1, 2000 0 2 38 14
1229 MySQL 7.3 7.3.9 Jan. 1, 2000 0 2 13 0
1230 MySQL 7.2 7.2.35 Jan. 1, 2000 0 0 12 0
1231 MySQL 7.1 7.1.37 Jan. 1, 2000 0 0 12 0
1232 MySQL 6.0 6.0.5 Jan. 1, 2000 0 0 18 1
1233 MySQL 5.4 5.4.3 Jan. 1, 2000 0 3 132 41
1234 MySQL 5.3 5.3.9 Jan. 1, 2000 0 3 133 41
1235 MySQL 5.1 5.1.9 Dec. 31, 2013 0 10 221 60
1236 MySQL 5.0 5.0.96 Jan. 9, 2012 0 8 168 54
1237 MySQL 4.1 4.1.9 Jan. 1, 2000 0 5 136 47
1238 MySQL 4.0 4.0.9 Jan. 1, 2000 0 11 139 48
1239 MySQL 3.2 3.20.32a Jan. 1, 2000 0 10 128 45
1240 MySQL 1.5 1.5.1 Jan. 1, 2000 0 6 127 44
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1221 -
2.6 		LOW Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows … CWE-79
Cross-site Scripting 		CVE-2008-4456 cpe:2.3:a:oracle:mysql:5.0.67:*
cpe:2.3:a:oracle:mysql:5.0.45:*
cpe:2.3:a:oracle:mysql:5.0.42:*
cpe:2.3:a:orac… 		2026-04-23 09:35
2008-10-7 		Show GitHub Exploit DB Packet Storm
1222 -
4.6 		MEDIUM MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are original… CWE-59
Link Following 		CVE-2008-4098 cpe:2.3:a:oracle:mysql:5.0.66:sp1
cpe:2.3:a:oracle:mysql:5.0.64:*
cpe:2.3:a:oracle:mysql:5.0.62:*
cpe:2.3:a:or… 		2026-04-23 09:35
2008-09-19 		Show GitHub Exploit DB Packet Storm
1223 -
4.6 		MEDIUM MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated wit… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-4097 cpe:2.3:a:oracle:mysql:5.0.51a:* 2026-04-23 09:35
2008-09-19 		Show GitHub Exploit DB Packet Storm
1224 -
4.0 		MEDIUM MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to … CWE-134
Use of Externally-Controlled Format String 		CVE-2008-3963 cpe:2.3:a:oracle:mysql:6.0.4:*
cpe:2.3:a:oracle:mysql:6.0.3:*
cpe:2.3:a:oracle:mysql:6.0.2:*
cpe:2.3:a:oracle:… 		2026-04-23 09:35
2008-09-11 		Show GitHub Exploit DB Packet Storm
1225 -
4.6 		MEDIUM MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modifi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-2079 cpe:2.3:a:oracle:mysql:*:* 6.0.0 6.0.5 2026-04-23 09:35
2008-05-6 		Show GitHub Exploit DB Packet Storm
1226 -
7.5 		HIGH Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in hand… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2008-0226 cpe:2.3:a:oracle:mysql:5.1:*
cpe:2.3:a:oracle:mysql:5.1.9:*
cpe:2.3:a:oracle:mysql:5.1.8:*
cpe:2.3:a:oracle:my… 		2026-04-23 09:35
2008-01-11 		Show GitHub Exploit DB Packet Storm
1227 -
3.5 		LOW MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privilege… NVD-CWE-Other
CVE-2007-6303 cpe:2.3:a:oracle:mysql:6.0.3:*
cpe:2.3:a:oracle:mysql:6.0.2:*
cpe:2.3:a:oracle:mysql:6.0.1:*
cpe:2.3:a:oracle:… 		2026-04-23 09:35
2007-12-11 		Show GitHub Exploit DB Packet Storm
1228 -
5.0 		MEDIUM The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of se… NVD-CWE-Other
CVE-2007-6304 cpe:2.3:a:oracle:mysql:6.0.3:*
cpe:2.3:a:oracle:mysql:6.0.2:*
cpe:2.3:a:oracle:mysql:6.0.1:*
cpe:2.3:a:oracle:… 		2026-04-23 09:35
2007-12-11 		Show GitHub Exploit DB Packet Storm
1229 -
5.8 		MEDIUM MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX… NVD-CWE-Other
CVE-2007-5970 cpe:2.3:a:oracle:mysql:6.0.4:*
cpe:2.3:a:oracle:mysql:6.0.3:*
cpe:2.3:a:oracle:mysql:6.0.2:*
cpe:2.3:a:oracle:… 		2026-04-23 09:35
2007-12-11 		Show GitHub Exploit DB Packet Storm
1230 -
6.0 		MEDIUM The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows rem… NVD-CWE-Other
CVE-2007-2692 cpe:2.3:a:oracle:mysql:5.1.9:*
cpe:2.3:a:oracle:mysql:5.1.8:*
cpe:2.3:a:oracle:mysql:5.1.7:*
cpe:2.3:a:oracle:… 		2026-04-23 09:35
2007-05-16 		Show GitHub Exploit DB Packet Storm