10 matches found
CVE-2024-47091
Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...
EUVD-2024-55577
Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...
CVE-2024-47091
Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...
CVE-2024-47091
CVE-2024-47091 describes a local privilege escalation in the Windows mk_mysql agent plugin used by Checkmk. A local unprivileged user can escalate by creating a Windows service whose name matches 'MySQL' or 'MariaDB' (or by gaining write access to a binary referenced by such a service). This allo...
PT-2026-40585
Privilege escalation in the mk mysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary co...
Important: Red Hat Security Advisory: Red Hat OpenStack Platform (puppet-mysql) security update
An update for puppet-mysql is now available for Red Hat OpenStack Platform 13.0 Queens, 16.1 Train, 16.2 Train and 17.0 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
GHSA-5V44-7647-XFW9 Blind SQL injection in PrestaShop productcomments module
Impact An attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. Patches The problem is fixed in 4.2.1...
CVE-2020-26248 Blind SQL injection during the CommentGrade process
In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module...
vulhub
This is a Docker Compose file for a vulnerability environment. It is a collection of services that can be used to test and demonstrate various types of vulnerabilities. The file is written in YAML format and defines the services, their ports, and the networks they use. The file contains several...
Exploit for CVE-2007-2447
This is a proof-of-concept PoC exploit repository for various...