RHEL 7 : mysql-connector-odbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mysql-connector-odbc: An unauthenticated attacker with network access can, via multiple protocols compromise MySQL...

RHEL 7 : mysql-connector-java (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mysql-connector-java: Improper automatic deserialization of binary data CPU Apr 2017 CVE-2017-3523 -...

RHEL 6 : mysql-connector-odbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mysql-connector-odbc: An unauthenticated attacker with network access can, via multiple protocols compromise MySQL...

RHEL 6 : mysql-connector-java (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mysql-connector-java: Connector/J unspecified vulnerability CPU October 2018 CVE-2018-3258 -...

Security Bulletin: IBM Event Processing is vulnerable to high confidentiality, integrity and availability impacts (CVE-2023-22102).

Summary MySQL Connector/J versions used by IBM Event Processing are susceptible to a difficult to exploit vulnerability that could allow an unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a perso...

CVE-2024-21090

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successf...

CVE-2024-21090

CVE-2024-21090 affects Oracle MySQL Connectors (Connector/Python). Affected versions are 8.3.0 and earlier. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to cause a hang or frequent crash (DOS) of MySQL Connectors. CVSS v3.1 base score is 7.5 with...

Fedora: Security Advisory for mysql-connector-java (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

org.apache.camel.kafkaconnector:camel-aws-redshift-sink-kafka-connector (>=1.0.0 <=3.21.0), org.apache.camel.kafkaconnector:camel-aws-redshift-source-kafka-connector (>=1.0.0 <=3.21.0) +29 more potentially affected by CVE-2024-22369 via org.apache.camel:camel-sql (>=3.0.0 <=3.21.3)

org.apache.camel:camel-sql MAVEN version =3.0.0, =1.0.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.18.1, =3.18.1, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =3.21.0...

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.2.10 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

OESA-2024-1103 mysql-connector-java security update

Official JDBC driver for MySQL. Security Fixes: Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

Remote Code Execution (RCE)

mysql-connector-java is vulnerable to Remote Code Execution. The vulnerability is due to not sanitizing the propertiesTransformClassName when instantiated or not in setupPropertiesTransformer in the ConnectionUrl.java file. This potentially leads to Arbitrary Code Execution...

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

...

ai.databand.azkaban:azkaban-common (=3.18.0), ai.databand.azkaban:azkaban-exec-server (=3.18.0) +8708 more potentially affected by CVE-2023-22102 via mysql:mysql-connector-java (>=3.0.10 <=8.0.33)

mysql:mysql-connector-java MAVEN version =3.0.10, =0.5.0, =0.5.0, =0.1.0, =4.1.3, =0.0.13, =1.13.3, =j8.2.2.0, =2.1.0, =1.0.0, =0.0.3, =0.0.5 and more Source cves: CVE-2023-22102 Source advisory: OSV:GHSA-M6VM-37G8-GQVH...

ai.koog:agents-features-sql-jvm (>=0.4.2 <=0.5.4), app.cash.backfila:client-misk-hibernate (>=2023.12.01.210510-f61f157 <=2024.06.21.153703-27e31a9) +1217 more potentially affected by CVE-2023-22102 via com.mysql:mysql-connector-j (>=8.0.31 <=8.1.0)

com.mysql:mysql-connector-j MAVEN version =8.0.31, =0.4.2, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2.0.0, =6.6.0, =6.6.0, =2.5.0, =1.5.12, =1.6.8.1, =1.6.9.1, =1.6.8.1, =1.1.0, =1.1.2 and more Source cves: CVE-2023-22102 Source advisory:...

Design/Logic Flaw

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

UBUNTU-CVE-2023-22102

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

CVE-2023-22102

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

GHSA-P3R5-X3HR-GPG5 OpenRefine Remote Code execution in project import with mysql jdbc url attack

Summary An remote Code exec vulnerability allows any unauthenticated user to exec code on the server. Details Hi,Team, i find openrefine support to import data from database,When use mysql jdbc to connect to database,It is vulnerable to jdbc url attacks,for example,unauthenticated attacker can ge...

OpenRefine Remote Code execution in project import with mysql jdbc url attack

Summary An remote Code exec vulnerability allows any unauthenticated user to exec code on the server. Details Hi,Team, i find openrefine support to import data from database,When use mysql jdbc to connect to database,It is vulnerable to jdbc url attacks,for example,unauthenticated attacker can ge...