jsii-rosetta (>=5.7.0 <=5.7.24-dev.9), jsii-srcmak (>=0.1.1306 <=0.1.1308) potentially affected by unknown CVE via jsii (=5.7.22)

jsii NPM version =5.7.22 is affected by a known vulnerability. The following packages have a transitive dependency on jsii and may be impacted: - jsii-rosetta =5.7.0, =0.1.1306, =0.1.1308 Source cves: unknown CVE Source advisory: OSV:GHSA-M56H-5XX3-2JC2...

CVE-2024-4845

The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘optionslistid’ parameter in all versions up to, and including, 5.7.22 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...

PT-2024-33115 · WordPress · Icegram Express

Name of the Vulnerable Software and Affected Versions: Icegram Express plugin for WordPress versions up to, and including, 5.7.22 Description: The issue allows authenticated attackers with Subscriber-level access and above to perform SQL Injection via the optionslist id parameter due to...

mysql: Server: DDL unspecified vulnerability (CPU Jul 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: Server: DDL unspecified vulnerability (CPU Jul 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: InnoDB unspecified vulnerability (CPU Jul 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

ALPINE-CVE-2018-3081

Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...

CVE-2018-3061

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

ALPINE-CVE-2018-3058

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: MyISAM. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2018-3077

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

Oracle MySQL Security Update (cpujul2018 - 05) - Windows

Oracle MySQL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; ifdescription...

MySQL 5.7.x < 5.7.22 Multiple Vulnerabilities (April 2018 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.22. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not...