Lucene search
K

1555 matches found

OSV
OSV
added 2022/10/21 2:15 p.m.7 views

SUSE-SU-2022:3692-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-40303: Fixed integer overflows with XMLPARSEHUGE bsc1204366. - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles bsc1204367...

7.8CVSS8AI score0.22791EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2022/10/19 8:47 p.m.38 views

CVE-2022-40304

A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted resulting in logic errors, including memory errors like double free...

7.8CVSS2.5AI score0.06782EPSS
Exploits0References3
CNVD
CNVD
added 2022/10/19 12:0 a.m.27 views

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2022-87659)

Oracle MySQL Server is a relational database from Oracle Corporation USA. A denial-of-service vulnerability exists in the Server: Data Dictionary component of Oracle MySQL Server. An attacker can exploit the vulnerability to access the network via multiple protocols, which can compromise MySQL...

4.9CVSS2.3AI score0.01024EPSS
Exploits0References1
NVD
NVD
added 2022/10/18 9:15 p.m.17 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS0.01024EPSS
Exploits0References2
OSV
OSV
added 2022/10/18 9:15 p.m.23 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS5.6AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/10/18 9:15 p.m.4 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.5AI score0.01024EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/10/18 9:15 p.m.29 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.6AI score0.01024EPSS
Exploits0References1
OSV
OSV
added 2022/10/18 9:15 p.m.2 views

UBUNTU-CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.6AI score0.01024EPSS
Exploits0References2
CVE
CVE
added 2022/10/18 12:0 a.m.609 views

CVE-2022-21605

CVE-2022-21605 concerns the Oracle MySQL Server, specifically the Server: Data Dictionary component. Affected are MySQL Server versions 8.0.28 and earlier . The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to cause the server to hang or crash, resul...

4.9CVSS4.7AI score0.01024EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/18 12:0 a.m.20 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS5.9AI score0.01024EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/18 12:0 a.m.2 views

Oracle MySQL 安全漏洞

Oracle MySQL Server is a relational database from Oracle Corporation USA. A denial-of-service vulnerability exists in the Server: Data Dictionary component of Oracle MySQL Server. An attacker can exploit the vulnerability to access the network via multiple protocols, which can compromise MySQL...

4.9CVSS8.1AI score0.01024EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2022/10/18 12:0 a.m.27 views

CVE-2022-21605

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS5.6AI score0.01024EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/09/20 1:42 p.m.2 views

mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.8AI score0.01024EPSS
Exploits0References4
Prion
Prion
added 2022/09/15 10:15 p.m.13 views

Out-of-bounds

go-cvss is a Go module to manipulate Common Vulnerability Scoring System CVSS. In affected versions when a full CVSS v2.0 vector string is parsed using ParseVector, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag v0.4.0, by th...

5CVSS7.4AI score0.01202EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/09/15 9:45 p.m.29 views

CVE-2022-39213 Out-of-bounds Read in go-cvss

go-cvss is a Go module to manipulate Common Vulnerability Scoring System CVSS. In affected versions when a full CVSS v2.0 vector string is parsed using ParseVector, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag v0.4.0, by th...

7.5CVSS7.6AI score0.01202EPSS
Exploits1References3
CVE
CVE
added 2022/09/15 9:45 p.m.104 views

CVE-2022-39213

CVE-2022-39213 affects the Go module go-cvss . In affected versions, parsing a full CVSS v2.0 vector with the function ParseVector can trigger an Out-of-Bounds Read, resulting in a panic. The issue is fixed in tag v0.4.0 (commit d9d478ff0c13b8b09ace030db9262f3c2fe031f4); upgrading to that release...

7.5CVSS7.4AI score0.01202EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2022/09/15 8:7 a.m.5 views

dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion.

.NET Core and Visual Studio Denial of Service Vulnerability...

7.5CVSS5.8AI score0.03074EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/14 2:5 p.m.6 views

dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion.

.NET Core and Visual Studio Denial of Service Vulnerability...

7.5CVSS5.8AI score0.03074EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/14 2:5 p.m.5 views

dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion.

.NET Core and Visual Studio Denial of Service Vulnerability...

7.5CVSS5.8AI score0.03074EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/09/14 1:47 p.m.4 views

mysql: Server: Data Dictionary unspecified vulnerability (CPU Oct 2022)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

4.9CVSS6.8AI score0.01024EPSS
Exploits0References4
Rows per page
Query Builder