18 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the InnoDB component. An attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network with high privileges. Remediation Upgrade...
Missing Release of Resource after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the Group Replication Plugin. An attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network. Remediation Upgrade libmysqlclient to versi...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Remediation Upgrade libmysqlclient to...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the application to hang or crash repeatedly by sending crafted requests over multiple protocols with high privileges. Remediation...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the InnoDB component. A high privileged attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network. Remediation Upgrade libmysqlclient ...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the InnoDB component. A high privileged attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network. Remediation Upgrade libmysqlclient ...
Linux Distros Unpatched Vulnerability : CVE-2025-30224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MyDumper is a MySQL Logical Backup Tool. The MySQL C client library libmysqlclient allows authenticated remote actors to read arbitrary files from client system...
php: Leak partial content of the heap through heap buffer over-read in mysqlnd
A flaw was found in the PHP MySQL client library. This vulnerability allows a hostile MySQL server to disclose the content of the client's heap, potentially exposing data from other SQL requests and other users of the same server via malicious server interactions...
python3.11-PyMySQL security update
An update is available for python3.11-PyMySQL. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This package contains a pure-Python MySQL client library. The goal...
[SECURITY] [DLA 3822-1] python-pymysql security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3822-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 27, 2024 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...
mysql: prepared statement handle use-after-free after disconnect
A flaw was found in the way MySQL client library libmysqlclient handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient...
mysql: prepared statement handle use-after-free after disconnect
A flaw was found in the way MySQL client library libmysqlclient handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient...
[SECURITY] Fedora 25 Update: python-PyMySQL-0.7.10-10.fc25
This package contains a pure-Python MySQL client library. The goal of PyMyS QL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPyth on and Jython...
mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)
It was found that the MySQL client library permitted but did not require a client to use SSL/TLS when establishing a secure connection to a MySQL server using the "--ssl" option. A man-in-the-middle attacker could use this flaw to strip the SSL/TLS protection from a connection between a client an...
CVE-2003-1331
Stack-based buffer overflow in the mysqlrealconnect function in the MySql client library libmysqlclient 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453...
Important: Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Updated versions of Stronghold 3.0 are available to fix a number of vulnerabilities in OpenSSL, Apache, and PHP. Stronghold 3.0 contains a number of open source technologies such as OpenSSL, Apache, and PHP. The following paragraphs describe a number of issues that have been found in versions of...
Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for modproxy and the modauthzldap package. Stronghold 4 cross platform contains a number of open source technologies suc...
PHP Safe Mode Filesystem Circumvention Problem
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ------------------------------------------------------------------------------ Security Advisory DW020203-PHP Release: 3rd February 2002 PHP Safe Mode Filesystem Circumvention Problem Severity: Medium to high. Affects: PHP, all versions which include...