19 matches found
GHSA-R397-FF8C-WV2G aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
Summary The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...
CVE-2019-2503
creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5992...
SUSE CVE-2019-2503
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical...
MariaDB 10.2.0 < 10.2.18 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.2.18. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.2.18 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that a...
MariaDB 10.1.0 < 10.1.36
The version of MariaDB installed on the remote host is prior to 10.1.36. It is, therefore, affected by a vulnerability as referenced in the 10.1.36 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affect...
MariaDB 10.3.0 < 10.3.10
The version of MariaDB installed on the remote host is prior to 10.3.10. It is, therefore, affected by a vulnerability as referenced in the 10.3.10 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affect...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
PT-2020-17051 · Mariadb Foundation +4 · Mariadb +3
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
NewStart CGSL CORE 5.05 / MAIN 5.05 : mariadb Multiple Vulnerabilities (NS-SA-2019-0243)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has mariadb packages installed that are affected by multiple vulnerabilities: - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines. Supported versions that are affected are 5.5.61...
Amazon Linux 2 : mariadb (ALAS-2019-1292)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical...
Medium: mariadb
Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Connection Handling. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to...
mariadb security update
CentOS Errata and Security Advisory CESA-2019:2327 An update for mariadb is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Fedora 28 : community-mysql (2019-21b76d179e)
MySQL 5.7.25 Release notes : https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html CVEs fixed : CVE-2019-2420 CVE-2019-2434 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2486 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2528 CVE-2019-2529 CVE-2019-2531 CVE-2019-2532...
openSUSE Security Update : mysql-community-server (openSUSE-2019-138)
This update for mysql-community-server to version 5.6.43 fixes the following issues : Security issues fixed : - CVE-2019-2534, CVE-2019-2529, CVE-2019-2482, CVE-2019-2455, CVE-2019-2503, CVE-2019-2537, CVE-2019-2481, CVE-2019-2507, CVE-2019-2531, CVE-2018-0734 boo1113652, boo1122198 %NASLMINLEVEL...
CVE-2019-2503 vulnerabilities
Vulnerabilities for packages: mysql...
MariaDB 10.0.0 < 10.0.37 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.0.37. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.37 advisory. - The crc32big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors...
Oracle MySQL Server <= 5.6.42 / 5.7 <= 5.7.24 / 8.0 <= 8.0.13 Security Update (cpujan2019) - Windows
Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Debian: Security Advisory (DLA-1570-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...