597 matches found
CVE-2021-36843
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered in WordPress Floating Social Media Icon plugin versions = 4.3.5 Social Media Configuration form. Requires high role user like admin...
PT-2021-6990 · Oracle +1 · Oracle Mysql Cluster +1
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Cluster versions 8.0.28 and prior Description: The issue is related to insufficient input validation in the Oracle MySQL Cluster component. It may allow an attacker to gain full control over the application using various network...
CVE-2021-22022
The vRealize Operations Manager API 8.x prior to 8.5 contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure...
CVE-2021-28633
Adobe Creative Cloud Desktop Application installer version 2.4 and earlier is affected by an Insecure temporary file creation vulnerability. An attacker could leverage this vulnerability to cause arbitrary file overwriting in the context of the current user. Exploitation of this issue requires...
AZL-6696 CVE-2021-2354 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
UBUNTU-CVE-2021-2402
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Locking. Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
UBUNTU-CVE-2021-2372
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
PT-2021-3504
Name of the Vulnerable Software and Affected Versions OpenPLC ScadaBR versions through 0.9.1 on Linux OpenPLC ScadaBR versions through 1.12.4 on Windows Description The ScadaBR system, designed for data collection and process automation control, is affected by multiple issues. One issue involves...
CVE-2021-24344
The Easy Preloader WordPress plugin through 1.0.0 does not sanitise its setting fields, leading to authenticated admin+ Stored Cross-Site scripting issues...
CVE-2021-31428
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists withi...
UBUNTU-CVE-2021-2308
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2020-26200
A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...
CVE-2020-14742
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYSDBA level account privilege with network access via Oracle Net to...
CVE-2020-16941
An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of...
CVE-2020-15797
A vulnerability has been identified in DCA Vantage Analyzer All versions V4.5 are affected by CVE-2020-7590. In addition, serial numbers 40000 running software V4.4.0 are also affected by CVE-2020-15797. Improper Access Control could allow an unauthenticated attacker to escape from the restricted...
mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
mysql: Server: Logging unspecified vulnerability (CPU Apr 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
mysql: Server: Information Schema unspecified vulnerability (CPU Jul 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...
mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
mysql: Server: DDL unspecified vulnerability (CPU Oct 2019)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...