20 matches found
ROOT-APP-NPM-CVE-2024-21511 CVE-2024-21511 in @rootio/mysql2 - Patched by Root
Root has patched CVE-2024-21511 in the @rootio/mysql2 package for Root:npm. Multiple fixed versions available...
CVE-2026-21511
CVE-2026-21511 describes deserialization of untrusted data in Microsoft Office Outlook, enabling an unauthorized attacker to spoof over a network. Affected product: Microsoft Office Outlook. Root cause: unsafe deserialization of data. Impact: spoofing with network access; CVSS v3.1 base score 7.5...
CVE-2026-21511
creationtimestamp | type | source
---|---|---
2026-02-10 17:30:28+00:00 | seen | https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review
2026-02-10 18:11:42+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0058
2026-02-11 10:00:44+00:00 | seen | ...
CVE-2025-21511
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
CVE-2022-21511
Vulnerability in the Oracle Database - Enterprise Edition Recovery component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows high privileged attacker having EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT privilege with network access via...
CVE-2024-21511
A flaw was found in the MySQL2 npm package. Affected versions of this package are vulnerable to arbitrary code injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...
CVE-2024-21511
creationtimestamp | type | source
---|---|---
2024-04-24 01:44:44+00:00 | seen | https://t.me/arpsyndicate/4779
2024-04-24 07:33:08+00:00 | seen | https://t.me/arpsyndicate/4780
2024-04-24 21:34:52+00:00 | seen | https://t.me/arpsyndicate/4824
...
1.1.1-version (=1.0.0), 12g (>=0.0.27 <=1.0.1) +8425 more potentially affected by CVE-2024-21511 via mysql2 (>=0.11.8 <=3.9.6)
mysql2 NPM version =0.11.8, =0.0.27, =1.0.0, =0.0.4, =0.0.1, =0.0.2, =1.0.0, =0.0.1-alpha.5, =0.0.1-alpha.4, =0.0.1-alpha.5 and more Source cves: CVE-2024-21511 Source advisory: OSV:GHSA-4RCH-2FH8-94VW...
CVE-2024-21511 vulnerabilities
Vulnerabilities for packages: sqlpad...
CVE-2024-21511 vulnerabilities
Vulnerabilities for packages: sqlpad...
CVE-2024-21511
Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...
CVE-2024-21511
Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...
1.1.1-version (=1.0.0), 25-6-2025-full (>=1.0.0 <=1.0.2) +5247 more potentially affected by CVE-2024-21511 via mysql2 (>=3.0.0-rc.1 <=3.9.6)
mysql2 NPM version =3.0.0-rc.1, =1.0.0, =0.0.4, =0.0.1, =1.0.0, =0.0.1-alpha.5, =0.0.1-alpha.4, =0.0.1-alpha.1, =0.1.6-alpha.2, =0.0.8, =0.0.1, =0.0.56 and more Source cves: CVE-2024-21511 Source advisory: SNYK:JS-MYSQL2-6670046...
CVE-2023-21511
Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory...
CVE-2023-21511
Out-of-bounds Read vulnerability while processing CMD_COLDWALLET_BTC_SET_PRV_UTXO in bc_core trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows local attacker to read arbitrary memory...
CVE-2023-21511
Samsung Blockchain Keystore before v1.3.12.1 has an out-of-bounds read in the bc_core trustlet when processing CMD_COLDWALLET_BTC_SET_PRV_UTXO, allowing a local attacker to read arbitrary memory. Affected component: bc_core trustlet within Samsung Blockchain Keystore. Root cause: out-of-bounds re...
Oracle Database Server (Jul 2022 CPU)
The 12.1.0.2, 19c, 21c, All Supported Versions, and None versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle...
CVE-2022-21511
Vulnerability in the Oracle Database - Enterprise Edition Recovery component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows high privileged attacker having EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT privilege with network access via...
CVE-2022-21511
The CVE-2022-21511 issue affects the Oracle Database Server, specifically the Enterprise Edition Recovery component. The vulnerability arises in this Recovery module and can be exploited by a high-privilege attacker who has EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT privileges and has network access via...
CVE-2021-21511
CVE-2021-21511 affects Dell EMC Avamar Server, versions 19.3 and 19.4, with an Improper Authorization flaw in the web UI. The vulnerability allows a remote, low-privileged attacker to gain unauthorized read or modification access to other users’ backup data. The issue is rooted in insufficient ac...