BIT-DJANGO-2020-9402

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escapi...

VulnCheck KEV: CVE-2023-7309

A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform also referred to as the Dahua Smart Campus Integrated Management Platform, affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary...

SUSE CVE-2021-35631

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

Unauthorized access vulnerability in SuperMap iServer of Beijing SuperMap Software Co. Ltd (CNVD-2023-61163)

SuperMap iServer is a cloud GIS application server based on high-performance cross-platform GIS kernel. An unauthorized access vulnerability exists in SuperMap iServer of Beijing SuperMap Software Co. Ltd, which can be exploited by attackers to obtain sensitive information...

Important: Red Hat Security Advisory: mysql:8.0 security, bug fix, and enhancement update

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177734, BZ2177735, BZ2177736 Security Fixes: mysql: Server:...

RHEL 8 : mysql:8.0 (RHSA-2023:3087)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3087 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

ALSA-2023:3087 Important: mysql:8.0 security, bug fix, and enhancement update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.32. BZ2177734, BZ2177735, BZ2177736 Security Fixes: mysql: Server:...

RHEL 9 : mysql (RHSA-2023:2621)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2621 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

mysql: Server: GIS unspecified vulnerability (CPU Jan 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

mysql: Server: GIS unspecified vulnerability (CPU Jan 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

Moderate: Red Hat Security Advisory: rh-mysql80-mysql security update

An update for rh-mysql80-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 : rh-mysql80-mysql (RHSA-2023:1102)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1102 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

K16385: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2013-5894 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. CVE-2013-5881 Unspecified vulnerability in the MySQL Server...

SUSE CVE-2012-0540

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension...

SUSE CVE-2012-5060

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension...

SUSE CVE-2013-1937

Multiple cross-site scripting XSS vulnerabilities in tblgisvisualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the 1 visualizationSettingswidth or 2 visualizationSettingsheight parameter. NOTE: a third party reports that this ...

SUSE CVE-2013-5860

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS...

SUSE CVE-2015-2582

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS...

SUSE CVE-2016-6607

XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...