CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd...

6.8CVSS6.8AI score0.00936EPSS

Exploits0References1

Tenable Nessus•added 2025/03/04 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2016-1249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service out-of-bounds read...

5.9CVSS6.6AI score0.00596EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:8 a.m.•1 views

SUSE CVE-2016-1246

Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service crash via vectors related to an error message...

7.5CVSS7AI score0.01456EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 4:43 a.m.•1 views

SUSE CVE-2017-10789

The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...

4.8CVSS7AI score0.00227EPSS

Exploits0References8

OSV•added 2022/10/07 9:15 p.m.•1 views

UBUNTU-CVE-2022-3276

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise...

8.8CVSS7.1AI score0.00723EPSS

Exploits0References5

Positive Technologies•added 2022/10/07 12:0 a.m.•1 views

PT-2022-21445 · Puppet +1 · Puppetlabs-Mysql +1

Name of the Vulnerable Software and Affected Versions: puppetlabs-mysql versions prior to 13.0.0 Description: Command injection is possible in the puppetlabs-mysql module. A malicious actor can exploit this issue if they are able to provide unsanitized input to the module. This condition is rare ...

8.8CVSS8.7AI score0.00723EPSS

Exploits0References13

RedhatCVE•added 2022/10/06 5:26 a.m.•34 views

CVE-2022-3276

A flaw was in the puppetlabs-mysql module, where a Command injection can occur. This flaw allows a malicious actor to provide unsanitized input to the module...

8.4CVSS3.6AI score0.00723EPSS

Exploits0References4

OSV•added 2022/05/24 4:53 p.m.•11 views

GHSA-F982-MXWC-3MRX MySQL for Node.js Unsafe Options

An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default...

5.5CVSS5.3AI score0.00059EPSS

Exploits0References6