93 matches found
PT-2021-4711 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.26 and prior Description: The issue is related to insufficient input validation in the MySQL Server component, specifically the Data Dictionary. This can be exploited by a high-privileged attacker with logon to the...
CVE-2019-2746
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Data Dictionary. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
Oracle MySQL Server Component Access Control Error Vulnerability (CNVD-2019-26667)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A component access control error vulnerability exists in the Server: Data Dictionary subcomponent of the MySQL Server component in Oracle MySQL,...
PT-2019-6352 · Oracle +1 · Mysql Server
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.12 and prior Description: The issue is related to insufficient input validation in the MySQL Server component, specifically in the Server: Data Dictionary subcomponent. This allows an attacker with network access via...
GNU Binutils Denial of Service Vulnerability (CNVD-2017-34502)
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the pebfdreadbuildid function in peicode.h in the...
UBUNTU-CVE-2017-16832
The pebfdreadbuildid function in peicode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service segmentation violation and applicatio...
GNU PSPP Denial of Service Vulnerability (CNVD-2017-28755)
GNU PSPP is a free application developed by the GNU Project for data sampling, statistics and analysis. A security vulnerability exists in the 'dictaddmrset' function in the data/dictionary.c file in GNU PSPP version 0.11.0. A remote attacker could exploit this vulnerability to cause a denial of...
GNU PSPP Denial of Service Vulnerability
GNU PSPP is a free application developed by the GNU Project for data sampling, statistics and analysis. A security vulnerability exists in the 'dictrenamevar' function in the data/dictionary.c file in GNU PSPP version 0.11.0. A remote attacker could exploit this vulnerability to cause a denial of...
GNU PSPP Denial of Service Vulnerability (CNVD-2017-28753)
GNU PSPP is a free application developed by the GNU Project for data sampling, statistics and analysis. A security vulnerability exists in the 'dictaddmrset' function in the data/dictionary.c file in GNU PSPP version 0.11.0. A remote attacker could exploit this vulnerability to cause a denial of...
GNU PSPP Denial of Service Vulnerability (CNVD-2017-28754)
GNU PSPP is a free application developed by the GNU Project for data sampling, statistics and analysis. A security vulnerability exists in the 'dictaddmrset' function in the data/dictionary.c file in GNU PSPP version 0.11.0. A remote attacker could exploit this vulnerability to cause a denial of...
UBUNTU-CVE-2017-12960
There is a reachable assertion abort in the function dictrenamevar in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service...
DEBIAN-CVE-2017-12960
There is a reachable assertion abort in the function dictrenamevar in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service...
CVE-2013-4609
REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain undocumented syntax within branching logic and calculations, which allows remote authenticated users to bypass intended access restrictions via 1 the Online Designer or 2 the Data Dictionary upload, as demonstrated by an eval call...