Lucene search
K

142 matches found

NVD
NVD
added 2023/10/17 10:15 p.m.33 views

CVE-2023-22074

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via...

2.4CVSS2.6AI score0.00887EPSS
Exploits2References2
Prion
Prion
added 2023/10/17 10:15 p.m.28 views

Buffer overflow

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via...

2.8CVSS3.1AI score0.00887EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2023/10/17 10:15 p.m.19 views

Buffer overflow

Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any View, Select Any Table privilege with network...

2.8CVSS3.1AI score0.00395EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/17 9:2 p.m.377 views

CVE-2023-22075

CVE-2023-22075 affects Oracle Database Server, specifically the Database Sharding component. Affected versions are 19.3–19.20 and 21.3–21.11. The issue arises from insufficient input validation in Oracle Database Sharding, enabling a high-privilege user with network access via Oracle Net to cause...

2.4CVSS2.5AI score0.00395EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/17 9:2 p.m.379 views

CVE-2023-22074

CVE-2023-22074 affects Oracle Database Server, specifically the Database Sharding component. Affected versions are 19.3–19.20 and 21.3–21.11. The root issue allows a highly privileged attacker (needs Create Session and Select Any Dictionary) with network access via Oracle Net, plus user interacti...

2.4CVSS2.5AI score0.00887EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.6 views

PT-2023-6197 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The issue is related to insufficient input validation in the Database Sharding component of Oracle Database Server. This can be...

3.3CVSS3.1AI score0.00887EPSS
Exploits2References7
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.3 views

Oracle Database Server Security Vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability in the Oracle Database Sharding component of Oracle Database...

2.4CVSS6.7AI score0.00395EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.2 views

Oracle Database Server Security Vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability in the Oracle Database Sharding component of Oracle Database...

2.4CVSS6.7AI score0.00887EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2023/10/17 12:0 a.m.4 views

PT-2023-6199 · Oracle · Oracle Database Server +2

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The issue is related to insufficient input validation in the Oracle Database Sharding component. It allows a high-privileged...

3.3CVSS3.1AI score0.00395EPSS
Exploits0References6
CVE
CVE
added 2023/05/11 7:7 p.m.53 views

CVE-2023-29195

Vitess VTAdmin shard creation bug: before 16.0.2, VTAdmin could produce a shard name containing a "/" that caused subsequent shard creation attempts to fail and keyspace views to break. The issue is fixed in version 16.0.2 (go module v0.16.2). Workarounds include: use vtctldclient to create shard...

4.3CVSS4.3AI score0.00983EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2023/05/11 7:7 p.m.59 views

CVE-2023-29195 Vitess VTAdmin users that can create shards can deny access to other functions

Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing / characters from VTAdmin such that from that point on, anyone who tries to create a new shard fr...

4.1CVSS4.7AI score0.00983EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.6 views

com.typesafe.akka:akka-stream-kafka-cluster-sharding_3 (=4.0.1), com.typesafe.akka:akka-stream-kafka-testkit_3 (=4.0.1) potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_3 (=4.0.1)

com.typesafe.akka:akka-stream-kafka3 MAVEN version =4.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on com.typesafe.akka:akka-stream-kafka3 and may be impacted: - com.typesafe.akka:akka-stream-kafka-cluster-sharding3 =4.0.1 -...

5.5CVSS6AI score0.00152EPSS
Exploits0
OSV
OSV
added 2023/04/17 10:15 p.m.6 views

CVE-2023-28980

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service DoS. In a rib sharding scenario the rpd process will crash shortly after specific CLI command is...

5.5CVSS6.1AI score0.00171EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/17 12:0 a.m.8 views

CVE-2023-28980 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario an rpd crash will happen shortly after a specific CLI command is issued

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service DoS. In a rib sharding scenario the rpd process will crash shortly after specific CLI command is...

5.5CVSS5.5AI score0.00171EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/17 12:0 a.m.5 views

PT-2023-22062 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 20.2R3-S5 through 20.2R3-S6 Juniper Networks Junos OS versions 20.3R3-S2 through 20.3R3-S5 Juniper Networks Junos OS versions 20.4R3-S1 through 20.4R3-S4 Juniper Networks Junos OS versions 21.1R3 through...

5.5CVSS5.4AI score0.00171EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/04/17 12:0 a.m.10 views

CVE-2023-28982 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario when a route is frequently updated an rpd memory leak will occur

A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service DoS. In a BGP rib sharding scenario, when an attribute of an active BG...

7.5CVSS7.5AI score0.00644EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/17 12:0 a.m.32 views

CVE-2023-28980 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario an rpd crash will happen shortly after a specific CLI command is issued

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service DoS. In a rib sharding scenario the rpd process will crash shortly after specific CLI command is...

5.5CVSS5.7AI score0.00171EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:32 p.m.52 views

K11100332: Multiple Oracle Database Server vulnerabilities

Security Advisory Description CVE-2016-3479 Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. CVE-2016-3484 Unspecified vulnerability in the Database Vault component i...

9CVSS5.9AI score0.03744EPSS
Exploits0
Prion
Prion
added 2023/01/26 9:18 p.m.29 views

Authorization

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions starting with 2.5.0-rc1 and above, prior to 2.5.8, and version 2.6.0-rc4, are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed...

4.6CVSS8.1AI score0.0078EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/26 3:35 a.m.9 views

CVE-2023-22736 argo-cd Controller reconciles apps outside configured namespaces when sharding is enabled

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions starting with 2.5.0-rc1 and above, prior to 2.5.8, and version 2.6.0-rc4, are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed...

8.5CVSS8.5AI score0.0078EPSS
Exploits0References1
Rows per page
Query Builder