Lucene search
K

3413 matches found

Positive Technologies
Positive Technologies
added 2021/05/05 12:0 a.m.3 views

PT-2021-4099 · Unknown +1 · Cyrus Imap +1

Name of the Vulnerable Software and Affected Versions: Cyrus IMAP versions 3.2.7 and earlier, 3.3.x, and 3.4.x before 3.4.1 Description: The issue allows remote authenticated users to bypass intended access restrictions on server annotations, which can cause replication to stall. This is related ...

7.5CVSS5.7AI score0.0307EPSS
Exploits0References23
FreeBSD
FreeBSD
added 2021/05/05 12:0 a.m.24 views

cyrus-imapd -- Remote authenticated users could bypass intended access restrictions on certain server annotations.

Cyrus IMAP 3.4.1 Release Notes states: Fixed CVE-2021-32056: Remote authenticated users could bypass intended access restrictions on certain server annotations. Additionally, a long-standing bug in replication did not allow server annotations to be replicated. Combining these two bugs, a remote...

4.3CVSS4.3AI score0.017EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2021/04/28 12:0 a.m.457 views

GitHub Missing Audit Logging

Original blog post here: https://wwws.nightwatchcybersecurity.com/2021/04/25/supply-chain-attacks-via-github-com-releases/ SUMMARY Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and...

Exploits0
Microsoft CVE
Microsoft CVE
added 2021/04/24 7:0 a.m.2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.4CVSS7AI score0.01803EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/04/24 7:0 a.m.4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 1.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).

...

1.9CVSS7AI score0.00363EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2021/04/24 7:0 a.m.2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7AI score0.02043EPSS
Exploits0
NVD
NVD
added 2021/04/22 10:15 p.m.18 views

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

1.9CVSS0.00363EPSS
Exploits0References2
Prion
Prion
added 2021/04/22 10:15 p.m.32 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

4CVSS6.1AI score0.02093EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2021/04/22 10:15 p.m.4 views

UBUNTU-CVE-2021-2171

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.4CVSS6.8AI score0.01803EPSS
Exploits0References5
OSV
OSV
added 2021/04/22 10:15 p.m.3 views

UBUNTU-CVE-2021-2178

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

6.5CVSS6.8AI score0.02093EPSS
Exploits0References3
Prion
Prion
added 2021/04/22 10:15 p.m.39 views

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

4CVSS6.1AI score0.01352EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/04/22 10:15 p.m.1 views

UBUNTU-CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

1.9CVSS7.2AI score0.00363EPSS
Exploits0References4
OSV
OSV
added 2021/04/22 10:15 p.m.3 views

UBUNTU-CVE-2021-2202

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.32 and prior and 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

6.5CVSS6.8AI score0.01352EPSS
Exploits0References3
Prion
Prion
added 2021/04/22 10:15 p.m.40 views

Design/Logic Flaw

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

1.9CVSS3.2AI score0.00363EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/04/22 10:15 p.m.3 views

UBUNTU-CVE-2021-2179

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS6.8AI score0.02043EPSS
Exploits0References5
CVE
CVE
added 2021/04/22 9:53 p.m.388 views

CVE-2021-2202

CVE-2021-2202 affects Oracle MySQL Server (Server: Replication). Affected: MySQL 5.7.32 and earlier; 8.0.22 and earlier. Exploitation by a low-privileged, network-authenticated attacker via multiple protocols can cause a hang or repeated crash (DoS) of MySQL Server (CVSS v3.1 base 6.5, Availabili...

6.5CVSS6.2AI score0.01352EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/04/22 9:53 p.m.410 views

CVE-2021-2171

CVE-2021-2171 affects Oracle MySQL Server (Server: Replication). Affected versions: MySQL 5.7.33 and earlier and 8.0.23 and earlier. The flaw allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DoS). The connected advisories indi...

4.4CVSS4.4AI score0.01803EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2021/04/22 2:54 p.m.27 views

CVE-2021-2232

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.23 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to...

1.9CVSS6.7AI score0.00363EPSS
Exploits0References3
CNVD
CNVD
added 2021/04/21 12:0 a.m.11 views

Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2021-30925)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: Group Replication Plugin component in Oracle MySQL Server 8.0.23 and earlier. An attacker can exploit this vulnerability to cause the MySQL server to hang or crash frequently and...

4.9CVSS5.9AI score0.01319EPSS
Exploits0References1
CNVD
CNVD
added 2021/04/21 12:0 a.m.11 views

Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2021-30927)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: Group Replication Plugin component in Oracle MySQL Server 8.0.23 and earlier. An attacker can exploit this vulnerability to cause the MySQL server to hang or crash frequently and...

4.9CVSS5.9AI score0.02072EPSS
Exploits0References1
Rows per page
Query Builder