MySQL

MySQL mistake is a wake-up call on open source ownership

posted on June 24, 2013
by l33tdawg

There was a moment of panic in the open source community this week when a developer on the MariaDB fork of MySQL discovered that Oracle had quietly changed the license on all the man pages for MySQL from GPL to a restrictive proprietary license two months earlier. Prompted by the bug report, Oracle's staff quickly discovered that an error had been made in the build system and promised to immediately undo the change and restore the GPL to all of MySQL. Problem solved!

Serious MySQL authentication bypass vulnerability found - Metasploit module already released

posted on June 11, 2012
by l33tdawg

A serious security bug in MariaDB and MySQL has been disclosed. According to the advisory, all MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable. The issue has been assigned the ID CVE-2012-2122.

The mysql_hashdump module from Metasploit uses a known username and password to access the master user table of a MySQL server and dump it into a locally stored "loot" file. The dumped hashes can then be easily cracked with a tool like John the Ripper, yielding clear-text passwords that may provide further access.