Lucene search
K

93 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/08/08 9:17 p.m.35 views

Security Bulletin: protobuf-java component is vulnerable to CVE-2022-3510 and CVE-2022-3509 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses protobuf-java package which is vulnerable to CVE-2022-3510 and CVE-2022-3509. Vulnerability Details CVEID:CVE-2022-3510 DESCRIPTION: protobuf-java core and lite are vulnerable to a denial of service, caused by a flaw in the parsing procedure for...

7.5CVSS7.4AI score0.00567EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/05 12:0 a.m.7 views

Vulnerability of the Server component: The Data Dictionary of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the Server component: The Data Dictionary component of the Oracle MySQL Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to cause service interruptions using the MySQL protocol...

6.8CVSS6.4AI score0.01834EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/28 12:0 a.m.4 views

PT-2023-20806

Name of the Vulnerable Software and Affected Versions wangmarket CMS version 4.10 Description The issue allows remote attackers to run arbitrary SQL commands via the TableName parameter to the "/plugin/dataDictionary/tableView.do" API endpoint. This enables attackers to manipulate database querie...

9.8CVSS7.5AI score0.00966EPSS
Exploits1References8
NVD
NVD
added 2023/04/19 12:15 a.m.34 views

CVE-2023-30557

Archery is an open source SQL audit platform. The Archery project contains multiple SQL injection vulnerabilities, that may allow an attacker to query the connected databases. Affected versions are subject to SQL injection in the datadictionary.py tableinfo. User input coming from the dbname in a...

6.5CVSS6.7AI score0.00844EPSS
Exploits1References2
CVE
CVE
added 2023/04/18 10:35 p.m.55 views

CVE-2023-30558

CVE-2023-30558 affects Archery, an open source SQL audit platform. The vulnerability arises from multiple SQL injection flaws in the sql/data_dictionary.py table_list endpoint, where untrusted input from the db_name parameter is concatenated into SQL queries and passed to database engines. Affect...

6.5CVSS6.8AI score0.00835EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.6 views

PT-2023-22785 · Archery · Archery

Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...

6.5CVSS6.9AI score0.00835EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.3 views

SUSE CVE-2017-12959

There is a reachable assertion abort in the function dictaddmrset in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack...

7.5CVSS7.6AI score0.01262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-16832

The pebfdreadbuildid function in peicode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service segmentation violation and applicatio...

4CVSS7.5AI score0.01792EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:18 a.m.3 views

SUSE CVE-2019-2746

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Data Dictionary. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

6.5CVSS8AI score0.01834EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/11/15 12:26 p.m.29 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS2AI score0.01024EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.5 views

mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2021)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQ...

4.4CVSS7.3AI score0.0039EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/25 9:10 a.m.2 views

mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.8AI score0.01024EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/10/24 12:0 a.m.7 views

Vulnerability of the Server component: The Data Dictionary of the MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the MySQL Server component, which is part of the database management system, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

6.8CVSS6.3AI score0.01024EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/10/19 12:0 a.m.27 views

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-87659)

Oracle MySQL Server is a relational database from Oracle Corporation USA. A denial-of-service vulnerability exists in the Server: Data Dictionary component of Oracle MySQL Server. An attacker can exploit the vulnerability to access the network via multiple protocols, which can compromise MySQL...

4.9CVSS2.3AI score0.01024EPSS
Exploits0References1
NVD
NVD
added 2022/10/18 9:15 p.m.18 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS0.01024EPSS
Exploits0References2
OSV
OSV
added 2022/10/18 9:15 p.m.24 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS5.6AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/10/18 9:15 p.m.30 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.6AI score0.01024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/18 9:15 p.m.5 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.5AI score0.01024EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/10/18 9:15 p.m.2 views

UBUNTU-CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.6AI score0.01024EPSS
Exploits0References2
CVE
CVE
added 2022/10/18 12:0 a.m.609 views

CVE-2022-21605

CVE-2022-21605 concerns the Oracle MySQL Server, specifically the Server: Data Dictionary component. Affected are MySQL Server versions 8.0.28 and earlier . The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to cause the server to hang or crash, resul...

4.9CVSS4.7AI score0.01024EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder