Lucene search
K

523 matches found

almalinux
almalinux
added 2026/03/17 12:0 a.m.4 views

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026...

6.5CVSS5.9AI score0.00337EPSS
Exploits0References14
euvd
euvd
added 2026/03/16 3:30 p.m.5 views

EUVD-2026-12401

A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tableHandWrite results in sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5
nvd
nvd
added 2026/03/16 2:20 p.m.4 views

CVE-2026-4234

A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tableHandWrite results in sql injection. The attack can be executed remotely. The exploit has been...

6.5CVSS0.00192EPSS
Exploits0References4
snyk
snyk
added 2026/03/16 12:52 p.m.6 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the tableHandWrite argument in the DDL Handler process. An attacker can access or modify sensitive data and potentially disrupt application functionality by injecting crafted SQL statements remotely. Remediation There ...

6.5CVSS6.8AI score0.00192EPSS
Exploits0References2
cve
cve
added 2026/03/16 10:32 a.m.14 views

CVE-2026-4234

CVE-2026-4234 affects SSCMS 7.4.0, specifically the DDL Handler component and the file SitesAddController.Submit.cs . The vulnerability arises from the manipulation of the argument tableHandWrite , enabling a SQL injection . The attack can be executed remotely and the exploit has been publicly re...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References4
nessus
nessus
added 2026/03/11 12:0 a.m.7 views

AlmaLinux 10 : mysql8.4 (ALSA-2026:4162)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4162 advisory. mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21948 mysql: Inno...

6.5CVSS7.2AI score0.00337EPSS
Exploits0References8
osv
osv
added 2026/03/10 12:0 a.m.4 views

ALSA-2026:4162 Moderate: mysql8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: mysql:...

6.5CVSS5.8AI score0.00337EPSS
Exploits0References14
nessus
nessus
added 2026/03/10 12:0 a.m.7 views

RHEL 10 : mysql8.4 (RHSA-2026:4162)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4162 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and...

6.5CVSS7.2AI score0.00337EPSS
Exploits0References15
euvd
euvd
added 2026/01/21 12:31 a.m.7 views

EUVD-2026-3572

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS4.9AI score0.00337EPSS
Exploits0References2
osv
osv
added 2026/01/20 10:15 p.m.8 views

AZL-74955 CVE-2026-21937 affecting package mysql for versions less than 8.0.45-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS5.7AI score0.00337EPSS
Exploits0References1
osv
osv
added 2026/01/20 10:15 p.m.6 views

AZL-74999 CVE-2026-21937 affecting package mysql for versions less than 8.0.45-1

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS5.7AI score0.00337EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/01/20 10:15 p.m.5 views

CVE-2026-21937

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS7AI score0.00337EPSS
Exploits0References4
attackerkb
attackerkb
added 2026/01/20 9:56 p.m.6 views

CVE-2026-21937

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS6.4AI score0.00337EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/01/20 9:56 p.m.4 views

CVE-2026-21937

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

4.9CVSS6.5AI score0.00337EPSS
Exploits0
ptsecurity
ptsecurity
added 2026/01/20 12:0 a.m.8 views

PT-2026-3687

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 8.0.0 through 8.0.44 Oracle MySQL versions 8.4.0 through 8.4.7 Oracle MySQL versions 9.0.0 through 9.5.0 Description A flaw exists in the Server: DDL component of Oracle MySQL Server that allows a high-privileged attacker...

6.8CVSS6.8AI score0.00533EPSS
Exploits0References62
nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 7 : rh-mysql80-mysql-8.0.17-1.el7 (AXSA:2020-4497:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4497:03 advisory. mysql: Server: Replication multiple unspecified vulnerabilities CVE-2019-2800, CVE-2019-2436, CVE-2019-2531, CVE-2019-2534, CVE-2019-2614,...

7.1CVSS7.9AI score0.0461EPSS
Exploits0References24
nessus
nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : mysql:8.0 (AXSA:2020-844:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-844:01 advisory. mysql: Server: Security: Privileges multiple unspecified vulnerabilities CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774...

7.2CVSS7.7AI score0.03726EPSS
Exploits1References16
nessus
nessus
added 2026/01/20 12:0 a.m.12 views

MiracleLinux 8 : mysql:8.0 (AXSA:2024-7561:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7561:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023 CVE-2023-21919,...

7.5CVSS6.4AI score0.01782EPSS
Exploits0References76
ibm
ibm
added 2025/12/04 2:43 p.m.31 views

Security Bulletin: Multiple vulnerabilities in IBM Controller

Summary Multiple vulnerabilities were addressed in IBM Controller 11.1.2. Vulnerability Details CVEID:CVE-2024-38820 DESCRIPTION: The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could...

9.3CVSS8.1AI score0.17027EPSS
Exploits1Affected Software2
nessus
nessus
added 2025/12/04 12:0 a.m.4 views

MongoDB 7.0.x < 7.0.25 / 8.0.x < 8.0.15 / 8.2.x < 8.2.1 / 8.3.0-rc0 (SERVER-105873)

The version of MongoDB installed on the remote host is 7.0 prior to 7.0.25, 8.0 prior to 8.0.15, 8.2 prior to 8.2.1 and 8.3.0-rc0. It is, therefore, affected by a vulnerability as referenced in the SERVER-105873 advisory. - An authorized user may crash the MongoDB server by causing buffer...

6.5CVSS7.3AI score0.00246EPSS
Exploits0References2
Rows per page
Query Builder