K36942191: Advanced WAF and BIG-IP ASM MySQL database vulnerability CVE-2021-23053

Security Advisory Description When the brute force protection feature of ASM/Adv WAF is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database. CVE-2021-23053...

SUSE CVE-2012-0496

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

SUSE CVE-2013-1861

MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...

SUSE CVE-2013-3221

The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attack...

SUSE CVE-2016-5443

Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection...

SUSE CVE-2017-10268

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

SUSE CVE-2019-2434

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

The vulnerability of the InnoDB component of the MySQL Database Server allows a perpetrator to gain unauthorized access for reading, modifying, or deleting data, or to cause service failures.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or to cause service failures...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the InnoDB component of the MySQL Database Server allows a perpetrator to gain unauthorized access for reading, modifying, or deleting data, or to cause service failures.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or to cause service failures...

Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection

Organizations in East Asia are being targeted by a likely Chinese-speaking actor dubbed DragonSpark while employing uncommon tactics to go past security layers. "The attacks are characterized by the use of the little known open source SparkRAT and malware that attempts to evade detection through...

Inout RealEstate 2.1.3 SQL Injection

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

PT-2023-18545 · Unknown +1 · Mysql Server +2

Name of the Vulnerable Software and Affected Versions: a12nserver versions prior to 0.23.0 Description: The issue affects users of a12nserver who use MySQL, making them potentially vulnerable to SQL injection bugs. This could allow an attacker to obtain OAuth2 Access Tokens for unrelated users. T...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

PT-2022-5283 · Apache +1 · Apache Linkis +1

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions 1.2.0 and earlier Description: A deserialization vulnerability exists in Apache Linkis when used with the MySQL Connector/J, potentially allowing remote code execution if an attacker has write access to a database and...

USN-5696-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated...

mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

jfinal cms SQL注入漏洞

jfinal cms is a java development of powerful information consulting website , using a simple and powerful JFinal as the web framework , the template engine with beetl , database with mysql , front-end bootstrap framework . jfinal cms 5.1.0 version of a security vulnerability , the vulnerability...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVE-2022-26117

An empty password in configuration file vulnerability CWE-258 in FortiNAC version 8.3.7 and below, 8.5.2 and below, 8.5.4, 8.6.0, 8.6.5 and below, 8.7.6 and below, 8.8.11 and below, 9.1.5 and below, 9.2.3 and below may allow an authenticated attacker to access the MySQL databases via the CLI...