4770 matches found
CVE-2023-2122 Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...
CVE-2023-2122 Image Optimizer by 10web < 1.0.27 - Reflected Cross-Site Scripting
The Image Optimizer by 10web WordPress plugin before 1.0.27 does not sanitise and escape the iowdtabsactive parameter before rendering it in the plugin admin panel, leading to a reflected Cross-Site Scripting vulnerability, allowing an attacker to trick a logged in admin to execute arbitrary...
CVE-2023-2122
The CVE-2023-2122 entry concerns the Image Optimizer by 10web WordPress plugin (versions up to 1.0.26). It is vulnerable to a reflected XSS via the iowd_tabs_active parameter, which is sanitized/escaped insufficiently before rendering in the plugin admin panel. Impact is that an attacker could lu...
WordPress Plugin Image Optimizer by 10web 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : MySQL vulnerabilities (USN-6288-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6288-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has...
The vulnerability of Client programs in the MySQL database management system allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...
Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server: Optimizer component of the MySQL database management system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
Oracle Solaris Critical Patch Update : jul2023_SRU11_4_59_144_2
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Apache Tomcat. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability...
Oracle MySQL Server 5.7.x < 5.7.43 (October 2023 CPU)
The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging OpenSSL. Supported versions that are affected are 5.7.42 and...
CVE-2023-22056
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
AZL-27470 CVE-2023-22056 affecting package mysql for versions less than 8.0.34-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2023-22046
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
AZL-27466 CVE-2023-22054 affecting package mysql for versions less than 8.0.34-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
AZL-27467 CVE-2023-22046 affecting package mysql for versions less than 8.0.34-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
UBUNTU-CVE-2023-22054
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...