CVE-2023-22065
CVE-2023-22065 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions 8.0.33 and earlier. Exploitation can lead to a hang or frequent crash (DoS) of MySQL Server. Remediation in connected advisories points to upgrading to a fixed release (e.g., MySQL 8.0.34+ or vendor-specific p...
CVE-2023-22064
CVE-2023-22064 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or repeatable crash (a complete DoS) of MySQL Server; CVSS v3.1 base score 4.9 (A...
CVE-2023-22059
This CVE (CVE-2023-22059) affects Oracle MySQL Server, specifically the Server: Optimizer component. The vulnerability is present in MySQL 8.0.34 and earlier and in 8.1.0, with a low-privilege, network-access attacker able to exploit via multiple protocols to cause a hang or frequently repeated c...
CVE-2023-22032
CVE-2023-22032 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.34 and earlier, and 8.1.0. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (complete DoS). CVSS 3.1 base sc...
PT-2023-6186 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server, allowing a remote attacker to execute a denial-of-service (DoS) attack...
PT-2023-6203 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a remote attacker to cause a hang or frequently repeatable crash of MySQL...
PT-2023-6187 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.33 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server, allowing a remote attacker to execute a denial-of-service (DoS) attack...
PT-2023-6341 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. This allows a high-privileged attacker with network access via multiple...
PT-2023-6366 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior MySQL Server version 8.1.0 Description: The vulnerability in the MySQL Server product of Oracle MySQL is related to insufficient input validation in the Server: Optimizer component. This issue can be...
PT-2023-6389 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.33 and prior Description: The issue is related to the Server: Optimizer component of the MySQL Server product of Oracle MySQL. It allows a high privileged attacker with network access via multiple protocols to...
PT-2023-6388 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.34 and prior Oracle MySQL Server version 8.1.0 Description: The issue is related to the Server: Optimizer component of Oracle MySQL Server. It allows a high-privileged attacker with network access via multiple...
PT-2023-6184 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior, 8.1.0 Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. It allows a high-privileged attacker with network access via multiple...
PT-2023-6185 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.34 and prior Oracle MySQL Server version 8.1.0 Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server, allowing a low-privileged attacker...
PT-2023-6190 · Oracle +8 · Mysql Server +7
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.34 and prior MySQL Server version 8.1.0 Description: The vulnerability in the MySQL Server product of Oracle MySQL is related to insufficient input validation in the Server: Optimizer component. This vulnerability ca...
PT-2023-6194 · Oracle +2 · Mysql Server +1
Name of the Vulnerable Software and Affected Versions: MySQL Server version 8.1.0 MySQL Server versions prior to 8.1.0 Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a low-privileged attacker with network access via...
OptiPNG Security Vulnerability
OptiPNG is a PNG optimizer from OptiPNG that recompresses image files to a smaller size without losing any information. A security vulnerability exists in OptiPNG version v0.7.7, which stems from a global buffer overflow via the buffer variable in gifread.c. The vulnerability is caused by the...
Fedora 38 : community-mysql (2023-492105ed08)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-492105ed08 advisory. MySQL 8.0.34 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-34.html Tenable has extracted the preceding description block...
WordPress ShortPixel Image Optimizer Plugin < 5.4.2 is vulnerable to PHP Object Injection
Software: ShortPixel Image Optimizer; Type: Plugin; Vulnerable versions: 5.4.2; Fixed in: 5.4.2; OWASP Top 10: A1: Injection; Classification: PHP Object Injection; CVE: N/A; Patch priority: Low; CVSS severity: Low 6.6; Developer: ShortPixel; PSID: 5232103a110b; Credits: Unknown; Required privilege: Editor; Published: 15...
CVE-2023-2122
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...