CVE-2022-21594

CVE-2022-21594 — MySQL Server (Optimizer) Denial of Service . Affects MySQL 8.0.x up to 8.0.30 (including 8.0.30 and prior). The vulnerability resides in the Server: Optimizer component and can be exploited remotely over multiple protocols by a high-privilege attacker to cause the MySQL Server to...

CVE-2022-39408

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Advantech R-SeeNet

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: R-SeeNet Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an unauthorized attacker...

CVE-2022-21608

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2022-21604

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

CVE-2022-21600

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2022-21640

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2022-39400

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2022-21618

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated...

openSUSE 15 Security Update : virtualbox (openSUSE-SU-2022:10152-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10152-1 advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is...

Utkuici - Nessus Automation

Today, with the spread of information technology systems, investments in the field of cyber security have increased to a great extent. Vulnerability management, penetration tests and various analyzes are carried out to accurately determine how much our institutions can be affected by cyber threat...

Blog2Social < 6.9.10 - Subscriber+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers PoC Run the script below in the web browser console while being logged in as a subscriber and on the Blog2Social...

Hitachi Energy MicroSCADA Pro X SYS600

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerability: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause the affected...

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2022:3441-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3441-1 advisory. - When injecting an HTML base element, some requests would ignore the CSP's base-uri settings and accept the injected element's bas...

CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

Ubuntu: Security Advisory (USN-5638-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla: Incoherent instruction cache when building WASM on ARM64

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of inconsistent data in the instruction and data cache when creating wasm code, which could lead to a potentially exploitable crash...

Mozilla: Incoherent instruction cache when building WASM on ARM64

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of inconsistent data in the instruction and data cache when creating wasm code, which could lead to a potentially exploitable crash...

Mozilla: Out of bounds read when decoding H264

The Mozilla Foundation Security Advisory describes this flaw as: An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash...

Mozilla: Incoherent instruction cache when building WASM on ARM64

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of inconsistent data in the instruction and data cache when creating wasm code, which could lead to a potentially exploitable crash...