CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2025/11/04 11:50 a.m.•2 views

mysql: mariadb: mysqldump unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

6.8CVSS5.8AI score0.00406EPSS

RedHat Linux•added 2025/11/04 11:50 a.m.•3 views

mysql: mariadb: InnoDB unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

5.5CVSS5.7AI score0.00819EPSS

RedHat Linux•added 2025/11/04 11:50 a.m.•13 views

mysql: mariadb: High Privilege Denial of Service Vulnerability in MySQL Server (CPU Jan 2025)

4.9CVSS5.7AI score0.01236EPSS

Tenable Nessus•added 2025/11/04 12:0 a.m.•4 views

TencentOS Server 4: mysql (TSSA-2025:0842)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0842 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

5.5CVSS6.6AI score0.00533EPSS

Exploits0References3

Positive Technologies•added 2025/11/03 12:0 a.m.•6 views

PT-2025-44771

Name of the Vulnerable Software and Affected Versions Simple User Management System with PHP-MySQL version 1.0 Description The Simple User Management System with PHP-MySQL fails to properly sanitize user input in the Profile Section, allowing attackers to inject and execute arbitrary JavaScript...

4.6CVSS5.9AI score0.00173EPSS

Exploits1References3

Vulnrichment•added 2025/11/03 12:0 a.m.•4 views

CVE-2025-63442

Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting XSS via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser...

5.9AI score0.00173EPSS

Exploits1References1

AstraLinux•added 2025/11/01 10:54 a.m.•2 views

Astra Linux – Vulnerability in MariaDB

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. The supported versions affected are 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. This easily exploitable vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise the MySQL...

5.5CVSS6.6AI score0.00819EPSS

Exploits0References3

AstraLinux•added 2025/11/01 10:54 a.m.•4 views

Astra Linux – Vulnerability in PostgresSQL-15

Inclusion of untrusted data in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for execution during the restore process, as the client operating system account running psql restores the dump using psql meta-commands. pgdumpall is also affected...

8.8CVSS7.2AI score0.00709EPSS

Exploits1References3

OSV•added 2025/10/31 2:11 p.m.•4 views

OESA-2025-2544 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

OSV•added 2025/10/31 2:11 p.m.•2 views

OESA-2025-2543 mysql security update

OSV•added 2025/10/31 2:11 p.m.•5 views

OESA-2025-2542 mysql security update

OSV•added 2025/10/31 2:11 p.m.•4 views

OESA-2025-2540 mysql security update

OSV•added 2025/10/31 8:58 a.m.•2 views

OPENSUSE-SU-2025:20022-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2025-59681: Fixed a potential SQL injection in QuerySet.annotate, alias, aggregate, and extra on MySQL and MariaDB boo1250485 - CVE-2025-59682: Fixed a potential partial directory-traversal via archive.extract boo1250487...

9.8CVSS5.9AI score0.00863EPSS

RedhatCVE•added 2025/10/30 7:0 a.m.•4 views

CVE-2025-53069

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

RedhatCVE•added 2025/10/30 7:0 a.m.•3 views

CVE-2025-53062

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

RedhatCVE•added 2025/10/30 7:0 a.m.•7 views

CVE-2025-53054

5.5CVSS5.3AI score0.00438EPSS

RedhatCVE•added 2025/10/30 7:0 a.m.•5 views

CVE-2025-53045

RedhatCVE•added 2025/10/30 7:0 a.m.•6 views

CVE-2025-53042

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

RedhatCVE•added 2025/10/30 7:0 a.m.•6 views

CVE-2025-53040