Lucene search
K

46137 matches found

OSV
OSV
added 2026/06/24 1:13 p.m.6 views

OESA-2026-2734 mariadb security update

Security Fixes: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

10CVSS5.9AI score0.00998EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 1:13 p.m.6 views

OESA-2026-2733 mariadb security update

Security Fixes: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

6.8CVSS6.6AI score0.00869EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 11:53 a.m.29 views

CVE-2026-56351

CVE-2026-56351 affects n8n prior to 2.4.0. A SQL injection exists in the MySQL, PostgreSQL, and Microsoft SQL nodes, where unescaped identifier values in node configuration parameters can be exploited by an authenticated user with workflow-creation permissions to inject arbitrary SQL and compromi...

9.6CVSS6.1AI score0.00217EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/24 6:38 a.m.8 views

USN-8457-2 mysql-8.0 vulnerabilities

USN-8457-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS Original advisory details: It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote attacker could possibl...

7.5CVSS5.9AI score0.00471EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2026/06/24 6:38 a.m.15 views

USN-8457-2: MySQL vulnerabilities

USN-8457-1 fixed several vulnerabilities in MySQL. This update provides the corresponding fixes for MySQL on Ubuntu 20.04 LTS Original advisory details: It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote attacker could possibl...

7.5CVSS5.9AI score0.00471EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52073

Name of the Vulnerable Software and Affected Versions Ghost versions 5.46.1 through 6.21.1 Description Validation applied to filters on public API endpoints could be partially bypassed, allowing the disclosure of private fields through a brute force attack. The impact varies by database: when usi...

5.3CVSS5.8AI score0.00214EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.7 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : MySQL vulnerabilities (USN-8457-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8457-1 advisory. It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote...

7.5CVSS5.9AI score0.00471EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 8:17 a.m.15 views

CVE-2026-44913

Improper escaping of database table names in the CaptureChangeMySQL Processor included with Apache NiFi 1.2.0 through 2.9.0 allows for injecting SQL commands using crafted naming. Manual quoted boundaries added in Apache NiFi 1.8.0 narrowed the scope of potential injection options, but did not...

7.2CVSS0.00385EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 5:46 a.m.4 views

BIT-MYSQL-SHELL-2026-46871

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell for VS Code. The supported version that is affected is 2026.2.0+9.6.1. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Shell. Successful attacks...

6.5CVSS5.9AI score0.00261EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 5:46 a.m.4 views

BIT-MYSQL-SHELL-2026-46870

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell for VS Code. The supported version that is affected is 2026.2.0+9.6.1. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Shell. While the...

8.5CVSS5.8AI score0.00311EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 5:46 a.m.5 views

BIT-MYSQL-SHELL-2026-46869

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Dump and Load. Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Shell...

6.5CVSS5.8AI score0.0018EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 5:46 a.m.4 views

BIT-MYSQL-SHELL-2026-46850

Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell for VS Code. The supported version that is affected is 2026.2.0+9.6.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise MySQL Shell. While the vulnerability is in...

9.9CVSS5.9AI score0.00521EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.18 views

PT-2026-51283

Name of the Vulnerable Software and Affected Versions Apache NiFi versions 1.2.0 through 2.9.0 Description Improper escaping of database table names in the CaptureChangeMySQL Processor allows for the injection of SQL commands through crafted naming. This issue affects installations utilizing the...

7.2CVSS6AI score0.00385EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.10 views

Amazon Linux 2023 : mariadb1011, mariadb1011-backup, mariadb1011-client-utils (ALAS2023-2026-1844)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1844 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable...

9.1CVSS6.2AI score0.00567EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-46862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Router product of Oracle MySQL component: Router: General. Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0. Easi...

7.5CVSS7AI score0.00463EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-46863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are MySQL...

7.5CVSS6.2AI score0.00471EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Shell product of Oracle MySQL component: Shell: Dump and Load. Supported versions that are affected are 8.4.0-8.4.9 and 9.0.0-9.7.0...

6.5CVSS5.9AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 8:16 p.m.26 views

CVE-2026-48772

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. In versions 2.0.0 through 3.0.8, the ProxySQL MySQL frontend accepts the PROXY UNKNOWN \r\n PP1 frame as a well-formed PROXY protocol header. The HAProxy PROXY protocol v1 specification says that when the protocol token is UNKNOW...

10CVSS0.00185EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 8:16 p.m.14 views

CVE-2026-48773

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption vulnerability in the MySQL and PostgreSQL protocol first-read paths. A remote unauthenticated client can declare an oversized first packet length, and...

9.8CVSS0.00358EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 7:27 p.m.22 views

CVE-2026-48773 ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling

ProxySQL is a proxy for MySQL and its forks, as well as PostgreSQL. Versions 2.0.18 through 3.0.8 have a pre-authentication heap memory corruption vulnerability in the MySQL and PostgreSQL protocol first-read paths. A remote unauthenticated client can declare an oversized first packet length, and...

9.8CVSS0.00358EPSS
Exploits0References2
Rows per page
Query Builder