Low: Red Hat Security Advisory: libvirt security and bug fix update

An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

libvirt security update

CentOS Errata and Security Advisory CESA-2018:0029 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: An...

Oracle MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities

Binary data 700185.prm...

CVE-2017-3650

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: C API. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attack...

Design/Logic Flaw

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: C API. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attack...

Oracle MySQL Server Unauthorized Read Vulnerability (CNVD-2017-24329)

Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in the C API subcomponent of the MySQL Server component in Oracle MySQL, version 5.7.18 and earlier. A remote attacker can exploit this vulnerability to gain unauthorized access to...

Cross site scripting

dayrui FineCms through 5.0.10 has Cross Site Scripting XSS in controllers/api.php via the function parameter in a c=api&m=data2 request...

CVE-2017-11629

dayrui FineCms through 5.0.10 has Cross Site Scripting XSS in controllers/api.php via the function parameter in a c=api&m=data2 request...

CVE-2017-3650

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: C API. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attack...

Oracle Mysql Security Updates (jul2017-3236622) 01 - Linux

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescription...

MySQL 5.6.x < 5.6.37 Multiple Vulnerabilities (July 2017 CPU) (October 2017 CPU)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.37. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the Memcached component that allows an unauthenticated, remote attacker to impact integrity and availability. CVE-2017-3633 - Multiple...

MySQL 5.7.x < 5.7.19 Multiple Vulnerabilities (Jul 2017 CPU) (Oct 2017 CPU) (Jul 2019 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.19. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the UDF component that allows an authenticated, remote attacker to cause a denial of service condition. CVE-2017-3529 - An unspecified...

CVE-2017-3650

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: C API. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attack...

UBUNTU-CVE-2017-3650

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: C API. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attack...

CVE-2017-3305

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: C API. Supported versions that are affected are 5.5.55 and earlier and 5.6.35 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

UBUNTU-CVE-2017-3467

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: C API. Supported versions that are affected are 5.7.17 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successfu...

MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.18. It is, therefore, affected by multiple vulnerabilities : - A carry propagation error exists in the OpenSSL component in the Broadwell-specific Montgomery multiplication procedure when handling input lengths divisible by but...

MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.18. It is, therefore, affected by multiple vulnerabilities : - A carry propagation error exists in the OpenSSL component in the Broadwell-specific Montgomery multiplication procedure when handling input lengths divisible by but...

Oracle Mysql Security Updates (apr2017-3236618) 01 - Windows

Oracle MySQL is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Mysql Security Updates (apr2017-3236618) 01 - Linux

Oracle MySQL is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...