Sql injection

An authenticated SQL Injection vulnerability in the statistics page /statistics/retrieve of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases...

CVE-2022-37773

An authenticated SQL Injection vulnerability in the statistics page /statistics/retrieve of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases...

MariaDB 10.0.0 < 10.0.32 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.0.32. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.32 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected...

MariaDB 10.1.0 < 10.1.29 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.1.29. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.1.29 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are...

CVE-2022-21635

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

Information Disclosure

rh-mysql80-mysql is vulnerable to information disclosure. The vulnerability exists in the Server: Logging component, allowing an attacker to access critical data or complete access to all MySQL Server accessible data through the multiple protocol...

CVE-2022-37913

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges leading to a...

Authentication flaw

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges leading to a...

CVE-2022-37914

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges leading to a...

MED: HolographOperator.sol 's resetOperator() function allows malicious or hacked admin to permanently freeze operator's bonded tokens.

Lines of code Vulnerability details Description In HolographOperator, the following function is implemented: function resetOperator uint256 blockTime, uint256 baseBondAmount, uint256 podMultiplier, uint256 operatorThreshold, uint256 operatorThresholdStep, uint256 operatorThresholdDivisor external...

Oracle Business Intelligence Publisher (Oct 2022 CPU)

The 5.9.0.0 and 6.4.0.0 versions of Oracle Business Intelligence Enterprise Edition installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Core...

CVE-2022-21594

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2022-21607

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2022-21595

Vulnerability in the MySQL Server product of Oracle MySQL component: C API. Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2022-21641

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Design/Logic Flaw

A PHP Local File Inclusion LFI vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. By chaining this vulnerability with other unspecified vulnerabilities, and by circumventing existing attack...

CVE-2022-21608

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2022-21634

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE component: LLVM Interpreter. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...

CVE-2022-21608

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...