46040 matches found
CVE-2025-53053
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2025-53044
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
org.keycloak.testframework:keycloak-test-framework-core (>=26.1.0 <=26.2.1), org.keycloak.testframework:keycloak-test-framework-db-mariadb (>=26.1.0 <=26.2.1) +12 more potentially affected by CVE-2025-11419 via org.keycloak:keycloak-quarkus-dist (>=26.1.0 <=26.2.1)
org.keycloak:keycloak-quarkus-dist MAVEN version =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.0, =26.2.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.1.0, =26.2.1 Source cves: CVE-2025-11419 Source advisory: OSV:GHSA-Q8HQ-4H99-FJ7Xhttps://vulners.com...
EUVD-2025-36057
A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...
CVE-2025-12202 ajayrandhawa User-Management-PHP-MYSQL web cross-site request forgery
A security flaw has been discovered in ajayrandhawa User-Management-PHP-MYSQL web up to fedcf58797bf2791591606f7b61fdad99ad8bff1. This vulnerability affects unknown code. Performing manipulation results in cross-site request forgery. The attack can be initiated remotely. The exploit has been...
User-Management-PHP-MYSQL 安全漏洞
User-Management-PHP-MYSQL is a secure user management system by Ajay Randhawa Individual Developer. A security vulnerability exists in User-Management-PHP-MYSQL that stems from mishandling of unknown code and could lead to cross-site request forgery attacks...
MariaDB DoS Vulnerability (MDEV-33727)
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
MariaDB Multiple Vulnerabilities (MDEV-36268, MDEV-36613)
MariaDB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if description...
CVE-2025-4203 wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection via get_members Function
The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via the getmembers function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'rowcount' parameters. The function blindly interpolates 'rowcount' into a...
CVE-2025-4203 wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection via get_members Function
The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via the getmembers function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'rowcount' parameters. The function blindly interpolates 'rowcount' into a...
CVE-2025-53067
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...
Oracle MySQL Cluster 9.x.x < 9.5.0 (October 2025 CPU)
The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General libxml2. Easily exploitable vulnerability allows...
Oracle MySQL Cluster 8.4.x < 8.4.7 (October 2025 CPU)
The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General libxml2. Easily exploitable vulnerability allows...
Oracle MySQL Cluster 8.0.x < 8.0.44 (October 2025 CPU)
The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General libxml2. Easily exploitable vulnerability allows...
Oracle MySQL Server 9.x.x < 9.5.0 (October 2025 CPU)
The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...
Oracle MySQL Server 8.4.x < 8.4.7 (October 2025 CPU)
The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...
Moderate Photon OS Security Update - PHSA-2025-4.0-0894
Updates of 'mysql' packages of Photon OS have been released...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in Oracle MySQL Specifically for versions 8.0.0-8.0.43, 8.4.0-8.4.6, and 9.0.0-9.4.0. The vulnerabilities in Oracle MySQL allow highly privileged attackers to perform denial-of-service attacks and manipulate data without authorization. This can lead to severe...
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
...
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...