Linux Distros Unpatched Vulnerability : CVE-2021-2342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and...

CVE-2024-8254

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.7.34. This is due to the software allowing users to execute an action that do...

WordPress plugin Email Subscribers by Icegram Express 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code injection vulnerability exists in the WordPres...

PT-2024-38892 · Icegram Express · Email Subscribers

Name of the Vulnerable Software and Affected Versions: Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress versions up to, and including, 5.7.34 Description: The issue is related to arbitrary shortcode execution due to t...

CVE-2024-8771

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'previewemailtemplatedesign' function in all versions up to, and including,...

WordPress Email Subscribers & Newsletters plugin <= 5.7.34 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability

Missing Authorization to Authenticated Subscriber+ Sensitive Information Exposure vulnerability discovered by Michelle Porter in WordPress Plugin Email Subscribers & Newsletters versions = 5.7.34...

WordPress Email Subscribers & Newsletters Plugin <= 5.7.34 is vulnerable to Broken Access Control

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.7.34 Fixed in 5.7.35 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-8771 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d3427c89899f Credits Michelle...

SUSE CVE-2021-2389

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...

mysql: InnoDB unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

mysql: InnoDB unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...

mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H).

...

Oracle MySQL Server <= 5.7.34 / 8.0 <= 8.0.25 Security Update (cpujul2021) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

Oracle MySQL 输入验证错误漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. A denial-of-service vulnerability exists in the InnoDB component of Oracle MySQL Server 5.7.34, 8.0.25 and earlier versions. An attacker could exploit the vulnerability to cause MySQL Server to hang or crash repeatedly and...