USN-6615-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features...

CVE-2024-22432

Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...

CVE-2024-22432

Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...

Design/Logic Flaw

Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...

CVE-2024-22432

Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...

CVE-2024-22432

Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configure...

PT-2024-1634 · Vinchin · Vinchin Backup & Recovery

Name of the Vulnerable Software and Affected Versions: Vinchin Backup & Recovery version 7.2 Description: The issue is related to the use of default credentials in Vinchin Backup & Recovery. This could allow a remote attacker to elevate their privileges. Recommendations: For Vinchin Backup &...

PYSEC-2023-287

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via a Job Button, only the model-level extras.runjob permission is checked i.e., does the user have...

Database Ransomware: From Attack to Recovery

Introduction In recent years, ransomware attacks have risen sharply, due to their profitability, ease of access with ransomware-as-a-service RaaS tools, and an increasing attack surface. Ransomware is a type of attack in which the attacker locks and encrypts a victim’s data and then demands a...

Vulnerability of the Server component: The DDL system for database management in MySQL, which allows a hacker to cause a service failure.

Vulnerability of the Server component: The DDL system for managing databases in MySQL is vulnerable to errors during the processing of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

编号撤回

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. This CVE number has been withdrawn...

emlog 代码问题漏洞

emlog is a PHP and MySQL based CMS builder for emlog personal developers. A code issue vulnerability exists in emlog version 6.0.0, which stems from a file upload vulnerability in /admin/plugin.php. An attacker can exploit this vulnerability to elevate privileges...

The vulnerability of the EaseProbe tool for checking functionality/status involves a lack of measures to protect the SQL query structure, allowing attackers to execute arbitrary SQL code.

The vulnerability of the EaseProbe tool for checking functionality/status involves a lack of measures taken to protect the SQL query structure during data processing in MySQL/PostgreSQL databases. Exploiting this vulnerability allows attackers to execute arbitrary SQL code...

BlueCMS SQL注入漏洞

BlueCMS is a content management system CMS based on PHP and MySQL. A security vulnerability exists in BlueCMS v1.6, which can be exploited for SQL injection via the keywords parameter in search.php...

Vulnerability of the Server component: Security: Privileges of the MySQL Server database management system, which allows attackers to cause downtime or service failures.

The vulnerability of the MySQL Server component lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause the system to become unresponsive or fail to provide services...

ALSA-2023:2621 Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177731, BZ2177732 Security Fixes: mysql: Server: Security:...

USN-6060-2: MySQL vulnerabilities

USN-6060-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

UBUNTU-CVE-2023-21966

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...

PT-2023-21058 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: Apache InLong versions 1.1.0 through 1.5.0 Description: The issue is related to the deserialization of untrusted data in Apache InLong, which could be triggered by authenticated users. This vulnerability affects the MySQLDataNode due to the...