93 matches found
Security Bulletin: protobuf-java component is vulnerable to CVE-2022-3510 and CVE-2022-3509 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses protobuf-java package which is vulnerable to CVE-2022-3510 and CVE-2022-3509. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for...
Vulnerability of the Server component: The Data Dictionary of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the Server component: The Data Dictionary component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to cause service interruptions using the MySQL protocol...
PT-2023-20806
Name of the Vulnerable Software and Affected Versions wangmarket CMS version 4.10 Description The issue allows remote attackers to run arbitrary SQL commands via the TableName parameter to the "/plugin/dataDictionary/tableView.do" API endpoint. This enables attackers to manipulate database querie...
CVE-2023-30557
Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the datadictionary.py tableinfo. User input coming from the dbname in a...
CVE-2023-30558
CVE-2023-30558 affects Archery, an open source SQL audit platform. The vulnerability arises from multiple SQL injection flaws in the sql/data_dictionary.py table_list endpoint, where untrusted input from the db_name parameter is concatenated into SQL queries and passed to database engines. Affect...
PT-2023-22785 · Archery · Archery
Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...
SUSE CVE-2017-12959
There is a reachable assertion abort in the function dictaddmrset in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack...
SUSE CVE-2017-16832
The pebfdreadbuildid function in peicode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service segmentation violation and applicatio...
SUSE CVE-2019-2746
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Data Dictionary. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2022-21605
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2021)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQ...
mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
Vulnerability of the Server component: The Data Dictionary of the MySQL Server database management system, which allows attackers to cause service interruptions.
The vulnerability of the MySQL Server component, which is part of the database management system, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-87659)
Oracle MySQL Server is a relational database from Oracle Corporation USA. A denial-of-service vulnerability exists in the Server: Data Dictionary component of Oracle MySQL Server. An attacker can exploit the vulnerability to access the network via multiple protocols, which can compromise MySQL...
CVE-2022-21605
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21605
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21605
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21605
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
UBUNTU-CVE-2022-21605
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-21605
CVE-2022-21605 concerns the Oracle MySQL Server, specifically the Server: Data Dictionary component. Affected are MySQL Server versions 8.0.28 and earlier . The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to cause the server to hang or crash, resul...