Lucene search
K

104 matches found

Prion
Prion
added 2022/11/04 12:15 p.m.16 views

Format string

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

7.5CVSS9.6AI score0.00562EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/11/04 12:0 a.m.8 views

PingCAP TiDB 格式化字符串错误漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A formatting string error vulnerability exists in PingCAP TiDB versions prior to 6.1.3 through 6.4.0, which stems from its use of externally...

9.8CVSS5.8AI score0.00562EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/11/04 12:0 a.m.5 views

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

4.2CVSS6.8AI score0.00562EPSS
Exploits0References2
CVE
CVE
added 2022/11/04 12:0 a.m.63 views

CVE-2022-3023

The CVE-2022-3023 entry relates to a vulnerability in the PingCAP TiDB server where an externally controlled format string is used, affecting TiDB and specifically versions prior to 6.4.0 and prior to 6.1.3. The issue is described as a format-string vulnerability that can lead to unintended behav...

9.8CVSS6.8AI score0.00562EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/04 12:0 a.m.3 views

PT-2022-20025 · Tidb · Tidb

Name of the Vulnerable Software and Affected Versions: TiDB versions prior to 6.4.0 TiDB versions prior to 6.1.3 Description: The issue concerns the use of an externally-controlled format string and data source name injection in the TiDB server. Specifically, the database name for generating and...

9.8CVSS4.9AI score0.00562EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/11/04 12:0 a.m.41 views

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

4.2CVSS9.8AI score0.00562EPSS
Exploits0References2
OSV
OSV
added 2022/11/04 12:0 a.m.23 views

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

4.2CVSS4.8AI score0.00562EPSS
Exploits0References4
Veracode
Veracode
added 2022/08/03 1:52 p.m.27 views

Denial Of Service (DoS)

github.com/pingcap/tidb is vulnerable to Denial Of Service DoS. The vulnerability exists in AuthOpt parameter in grant.go because of null pointer dereference which allows to an attacker to crash the application...

7.5CVSS7.2AI score0.00776EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2022/08/03 2:15 a.m.24 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.5CVSS0.00776EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:15 a.m.1 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.5CVSS5.9AI score0.00776EPSS
Exploits1References2
Prion
Prion
added 2022/08/03 2:15 a.m.17 views

Null pointer dereference

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

5CVSS7.5AI score0.00776EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/03 1:49 a.m.24 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.7AI score0.00776EPSS
Exploits1References1
OSV
OSV
added 2022/08/03 1:49 a.m.13 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.5CVSS7.3AI score0.00776EPSS
Exploits1References3
CVE
CVE
added 2022/08/03 1:49 a.m.64 views

CVE-2022-34969

CVE-2022-34969 concerns PingCAP TiDB v6.1.0, where a NULL pointer dereference in TiDB is confirmed by multiple sources. The CVE entry documents the issue as a NULL pointer dereference with a high impact on availability (NVD: CVSSv3.1 base 7.5, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Several connect...

7.5CVSS7.5AI score0.00776EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/08/03 12:0 a.m.3 views

PingCAP TiDB 代码问题漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A code issue vulnerability exists in PingCAP TiDB version v6.1.0, which stems from the presence of null pointer references...

7.5CVSS7.4AI score0.00776EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/03 12:0 a.m.4 views

PT-2022-22464 · Pingcap · Tidb

Name of the Vulnerable Software and Affected Versions: PingCAP TiDB version 6.1.0 Description: A NULL pointer dereference issue was discovered in PingCAP TiDB. Recommendations: For PingCAP TiDB version 6.1.0, at the moment, there is no information about a newer version that contains a fix for thi...

7.5CVSS7.3AI score0.00776EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/06/06 9:22 p.m.34 views

TiDB authentication bypass vulnerability

Impact Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. Patches Please upgrade to TiDB 5.3.1 or high...

7.8CVSS7.9AI score0.00311EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/06/06 9:22 p.m.41 views

GHSA-4WHX-7P29-MQ22 TiDB authentication bypass vulnerability

Impact Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. Patches Please upgrade to TiDB 5.3.1 or high...

7.8CVSS7.8AI score0.00311EPSS
Exploits0References4
NVD
NVD
added 2022/05/31 8:15 p.m.32 views

CVE-2022-31011

TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing HTAP workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access...

7.8CVSS0.00311EPSS
Exploits0References2
Prion
Prion
added 2022/05/31 8:15 p.m.15 views

Authentication flaw

TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing HTAP workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access...

4.6CVSS7.8AI score0.00311EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder