mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

DEBIAN-CVE-2013-1416

The prepreprocessreq function in dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a...

UBUNTU-CVE-2013-1416

The prepreprocessreq function in dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a...

CVE-2013-2378

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema...

CVE-2013-2395

Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567...

Code injection

Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 7.0, 8.1, and 8.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Access...

CVE-2013-2397

Technical details about CVE-2013-2397 are not provided in the connected documents; no specifics on affected product, impact, or remediation are given here. Monitor for updates from official advisories.

CVE-2013-1526

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication...

Design/Logic Flaw

Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer...

Design/Logic Flaw

Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges...

CVE-2013-1523

Disclaimer: This data contains information about vulnerable...

CVE-2013-1516

Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server...

CVE-2013-1544

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language...

CVE-2013-2378

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema...

CVE-2013-1555

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition...

PT-2013-3193 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.30 and earlier Oracle MySQL versions 5.6.10 and earlier Description: The issue affects the availability of the system, allowing remote authenticated users to impact it via unknown vectors related to InnoDB...

CVE-2013-1197

The CVE-2013-1197 issue affects Cisco Unified Presence (CUP): the server's XML parser in the jabberd process can be triggered by crafted XMPP messages by an authenticated remote attacker to cause a denial of service (jabberd daemon crash). The vulnerability is due to insufficient validation of XM...

Portal: Cross Site Request Forgery

Cross-site request forgery CSRF vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

Puppet: HTTP PUT report saving code execution vulnerability

Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report...

CVE-2013-1900

PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors related to the "contrib/pgcrypto functions."...