1178 matches found
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2020-23467)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the MySQL Server 8.0.18 and prior versions of Server: Security: Privileges component of Oracle MySQL. An attacker...
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2020-23456)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the MySQL Server 8.0.19 and prior versions of Oracle MySQL in the Server: Optimizer component. An attacker could...
The vulnerability of the build_audio_procunit function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the buildaudioprocunit function in the Linux kernel stems from the possibility of reading memory beyond the allocated buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of the IPv4 protocol in real-time operating systems like Wind River VxWorks allows attackers to compromise the integrity and accessibility of protected information.
The vulnerability of the IPv4 protocol for real-time operating systems developed by Wind River VxWorks is related to insufficient access control mechanisms, such as ipdhcpc and DHCP. Exploiting this vulnerability could allow attackers to compromise the integrity and accessibility of protected...
WHO COVID-19 Mobile App: Improper Input Validation on User's Location on PUT /WhoService/putLocation Could Affect Availability/Falsify Users
Summary: Note: I noticed that that the team has fixed issues like an XSS that's caused only from a header value typically OOS since it's not directly exploitable https://github.com/WorldHealthOrganization/app/pull/855, so in the spirit of this I'm also reporting another "good-to-fix" issue. On th...
CVE-2018-14705
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...
Authorization
In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these...
Unspecified Vulnerability in Oracle MySQL Client (CNVD-2020-17121)
Oracle MySQL is an open source relational database management system from Oracle. An unspecified vulnerability exists in Oracle MySQL Client. An attacker could exploit this vulnerability to cause a denial of service hangs or frequent crashes, affecting data availability...
Unspecified Vulnerability in Oracle MySQL Client
Oracle MySQL is an open source relational database management system from Oracle. An unspecified vulnerability exists in Oracle MySQL Client. An attacker could exploit this vulnerability to cause a denial of service hangs or frequent crashes, affecting data availability...
PT-2020-2776 · Openjpeg +6 · Openjpeg +6
Name of the Vulnerable Software and Affected Versions: OpenJPEG versions 2.3.1 through 2020-01-28 Description: The issue is related to a heap-based buffer overflow in the opj t1 clbl decode processor function of the OpenJPEG library, specifically in the openjp2/t1.c file when qmfbid==1. This can ...
The vulnerability of the transaction management function of the SAP Treasury and Risk Management software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the transaction management function in SAP Treasury and Risk Management involves deficiencies in the authorization mechanism. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected informati...
Oracle VM VirtualBox Denial of Service Vulnerability (CNVD-2020-04038)
Oracle VM VirtualBox is a cross-platform virtualization software for x86 systems. A security vulnerability exists in the Core component of Oracle VM VirtualBox versions prior to 5.2.36, 6.0.16. An attacker could exploit this vulnerability to cause a denial of service hangs or frequent crashes,...
Unspecified Vulnerability in Oracle GraalVM Enterprise Edition (CNVD-2020-09692)
Oracle GraalVM is the United States Oracle Oracle company's set of instant compiler written in the Java language. The product supports a variety of programming languages and execution modes.GraalVM Enterprise Edition is the enterprise version of GraalVM. An unspecified vulnerability exists in...
Unspecified Vulnerability in Oracle Database Server (CNVD-2020-04350)
Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Core RDBMS is one of the relational database core components. An unspecified vulnerability exists in Oracl...
Unspecified Vulnerability in Oracle Database Server (CNVD-2020-04348)
Oracle Database Server is an object-a relational database management system that provides an open, comprehensive, and integrated approach to information management. An unspecified vulnerability exists in Oracle Database Server. An attacker could exploit this vulnerability to unauthorized update,...
Unspecified Vulnerability in Oracle Enterprise Manager Base Platform (CNVD-2020-04371)
Oracle Enterprise Manager Base Platform is a complete installer that includes OMS, agents, repositories, and management plug-ins. An unspecified vulnerability exists in Oracle Enterprise Manager Base Platform. An attacker could exploit this vulnerability to gain unauthorized access to, update,...
Unspecified Vulnerability in Oracle Enterprise Manager Base Platform (CNVD-2020-03236)
Oracle Enterprise Manager Base Platform is a complete installer that includes OMS, agents, repositories, and management plug-ins. An unspecified vulnerability exists in Oracle Enterprise Manager Base Platform. An attacker could exploit this vulnerability to gain unauthorized access to, update,...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-36397)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An unspecified vulnerability exists in Oracle MySQL Server. An attacker could exploit this vulnerability to cause a denial of service hang or frequen...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-36396)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An unspecified vulnerability exists in Oracle MySQL Server. An attacker could exploit this vulnerability to cause a denial of service hang or frequen...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-36403)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An unspecified vulnerability exists in Oracle MySQL Server. An attacker can exploit this vulnerability to cause a denial of service hang or frequent...