OESA-2024-1932 mysql security update

The MySQLTM software delivers a very fast, multi-threaded, multi-user, and robust SQL Structured Query Language database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...

OESA-2024-1934 mysql security update

The MySQLTM software delivers a very fast, multi-threaded, multi-user, and robust SQL Structured Query Language database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...

PT-2024-38320 · Chargepoint · Chargepoint Home Flex

Name of the Vulnerable Software and Affected Versions: ChargePoint Home Flex affected versions not specified Description: This issue allows network-adjacent attackers to create a denial-of-service condition on affected installations of ChargePoint Home Flex charging devices. The specific flaw...

PT-2024-4999 · Oracle +4 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.37 and prior Oracle MySQL Server versions 8.4.0 and prior Description: The issue is related to the Server: Connection Handling component of Oracle MySQL Server, where an easily exploitable vulnerability allows...

CVE-2024-6376

MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...

CVE-2024-6376

MongoDB Compass may be susceptible to code injection due to insufficient sandbox protection settings with the usage of ejson shell parser in Compass' connection handling. This issue affects MongoDB Compass versions prior to version 1.42.2...

kernel: RDMA/siw: Fix connection failure handling

A NULL dereference vulnerability was found in the Linux kernel, which is caused when the siwcmworkhandler function attempts to dereference a NULL listener that may be created when immediate MPA request processing fails and the newly created endpoint unlinks the listening endpoint ready to be...

kernel: Linux kernel Bluetooth: Denial of Service due to use-after-free in connection handling

A flaw was found in the Linux kernel's Bluetooth subsystem. A use-after-free UAF vulnerability exists in the hcidisconnectallsync function. This can occur if a Bluetooth connection is deleted while a controller event is being processed concurrently. A local attacker could potentially exploit this...

SUSE CVE-2024-26682

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: improve CSA/ECSA connection refusal As mentioned in the previous commit, we pretty quickly found that some APs have ECSA elements stuck in their probe response, so using that to not attempt to connect while CSA is...

CVE-2024-30249 Cloudburst Network DoS in RakNet connection handling

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR1-20240330.101522-15 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to use Network as an amplification vector for...

CVE-2024-28252 CoreWCF NetFraming based services can leave connections open when they should be closed

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. If you have a NetFraming based CoreWCF service, extra system resources could be consumed by connections being left established instead of closing or aborting them. There are two scenarios when this can...

OPENSUSE-SU-2023:0369-1 Security update for connman

This update for connman fixes the following issues: Update to 1.42 Fix issue with iwd and signal strength calculation. Fix issue with iwd and handling service removal. Fix issue with iwd and handling new connections. Fix issue with handling default online check URL. Fix issue with handling...

Oracle Linux 8 : mysql:8.0 (ELSA-2023-3087)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3087 advisory. mecab 0.996-2.12 - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo -...

AlmaLinux 8 : mysql:8.0 (ALSA-2023:3087)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3087 advisory. mysql: Server: Security: Privileges unspecified vulnerability CPU Apr 2023 CVE-2023-21912 mysql: Server: Optimizer unspecified vulnerability CPU Oct 2022...

CentOS 8 : mysql:8.0 (CESA-2023:3087)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3087 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior...

Important: Red Hat Security Advisory: mysql:8.0 security, bug fix, and enhancement update

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromi...

mysql: Server: Connection Handling unspecified vulnerability (CPU Apr 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are 5.7.40 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromi...

Important: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177734, BZ2177735, BZ2177736 Security Fixes: mysql: Server:...

RHEL 8 : mysql:8.0 (RHSA-2023:3087)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3087 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...