249 matches found
mysql: InnoDB unspecified vulnerability (CPU Oct 2019)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
mysql: Server: Options unspecified vulnerability (CPU Jan 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
PT-2020-3442 · Mysql Server +7 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.20 and prior Description: The issue is related to insufficient access control in the InnoDB component of the MySQL Server. It can be exploited by a remote attacker to cause a denial of service using the MySQL protoco...
AdRotate < 5.8.4 - Authenticated SQL Injection
Authenticated SQL injection in the AdRotate 5.8.3.1 exists via param "id". However, this requires an admin privileged user. NOTE: The plugin author mistook this SQLi bug for XSS but the remedy remains OK. Param "id" is vulnerable to SQL Injection. Example 1:...
AdRotate < 5.8.4 - Authenticated SQL Injection
Authenticated SQL injection in the AdRotate 5.8.3.1 exists via param "id". However, this requires an admin privileged user. NOTE: The plugin author mistook this SQLi bug for XSS but the remedy remains OK. PoC Param "id" is vulnerable to SQL Injection. Example 1:...
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2020-23457)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: Information Schema component of MySQL Server 8.0.19 and prior versions of Oracle MySQL. An attacker...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-37133)
MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. An unspecified vulnerability exists in the Server: Replication component in Oracle MySQL Server 5.7.27, 8.0.17 and earlier versions. An attacker can exploit this vulnerability to caus...
PT-2019-3723 · Oracle +2 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 5.6.45 and prior Oracle MySQL Server versions 5.7.27 and prior Description: The issue is related to insufficient access control in the encryption component of Oracle MySQL Server, allowing an attacker to gain...
UBUNTU-CVE-2019-2731
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.7.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
Improper Access Control
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-26718)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the InnoDB subcomponent of the MySQL Server component of Oracle MySQL, version 8.0.13 and earlier. An attacker cou...
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2019-23146)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the InnoDB subcomponent of the MySQL Server component of Oracle MySQL, version 8.0.12 and earlier. A remote attack...
ALPINE-CVE-2018-3081
Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2018-02063)
Oracle MySQL is an open source relational database management system from Oracle. The database system is characterized by high performance, low cost, good reliability, etc. MySQL Server is one of the server components. A security vulnerability exists in the MySQL Server component of Oracle MySQL,...
Bus Booking Script SQL Injection Vulnerability
Bus Booking Script is an online bus booking management system based on PHP and MySQL. A SQL injection vulnerability exists in Bus Booking Script. A remote attacker can obtain sensitive data (e.g., current database user, mysql user) by sending the 'spid' parameter to the admin/viewseatseller.php fil...
Oracle MySQL Server Denial of Service Vulnerability (CNVD-2017-32205)
Oracle MySQL is an open source relational database management system from Oracle. The database system is characterized by high performance, low cost, good reliability, etc. MySQL Server is one of the server components. A security vulnerability exists in the Server: InnoDB subcomponent of the MySQ...
OV3 Online Administration 3.0 - Directory Traversal
OV3 Online Administration 3.0 - Directory Traversal OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access PoC Exploit Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform...
MySQL 5.6.35 / 5.7.17 Integer Overflow Exploit
MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability. ''' Source: https://raw.githubusercontent.com/SECFORCE/CVE-2017-3599/master/cve-2017-3599poc.py Exploit Title: Remote MySQL DOS Integer Overflow Google Dork: N/A Date: 13th April 2017 Exploit Autho...
SUSE-SU-2017:1137-1 Security update for mysql
This update for mysql to version 5.5.55 fixes the following issues: These security issues were fixed: - CVE-2017-3308: Unspecified vulnerability in Server: DML bsc1034850 - CVE-2017-3309: Unspecified vulnerability in Server: Optimizer bsc1034850 - CVE-2017-3329: Unspecified vulnerability in Serve...
ALPINE-CVE-2017-3302
Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3...