59 matches found
MariaDB -- Denial-of-Service vulnerability
The MariaDB project reports: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete...
FreeBSD : opengrok -- Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. (1135e939-62b4-11ec-b8e2-1c1b0d9ea7e6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1135e939-62b4-11ec-b8e2-1c1b0d9ea7e6 advisory. - Vulnerability in OpenGrok component: Web App. Versions that are affected are 1.6.7 and prior. Easily...
the function _validateExecutionRequest checks the valid excutor account by the address of account given in call data instead of msg.sender which is realy easily exploitble
Lines of code Vulnerability details Impact the function validateExecutionRequest checks the valid excutor account by the address of account given in call data instead of msg.sender which is realy easily exploitable if you look at the function function validateExecutionRequestExecutionRequest...
CVE-2023-22070
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Oracle Solaris Critical Patch Update : jul2023_SRU11_4_59_144_2
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Apache Tomcat. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability...
Oracle JDeveloper Information Disclosure (April 2023 CPU)
The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by an information disclosure vulnerability as referenced in the April 2023 CPU advisory. Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware component: ADF...
CVE-2023-21892
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Visual Analyzer. Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2023-21873
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2023-21840
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 5.7.40 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
Privilege escalation
The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a...
CVE-2022-21253
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
Oracle Solaris Critical Patch Update : oct2021_SRU11_4_34_94_4
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Utility. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to...
Design/Logic Flaw
Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Client. The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global...
Design/Logic Flaw
Vulnerability in the Oracle Compensation Workbench product of Oracle E-Business Suite component: Compensation Workbench. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-2021
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2021-2024
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2020-14756
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core Components. Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP,...
MGASA-2020-0404 Updated mariadb packages fix security vulnerabilities
The latest release of mariadb fixes some undisclosed easily exploitable vulnerabilities. CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 and CVE-2020-14812. Additionally some bugs are fixed: - Temporary tables can overwrite existing files MDEV-23569 - Crash on SELECT on a table with indexed virtua...
CVE-2020-14861
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2020-14870
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...