4770 matches found
SUSE CVE-2022-21509
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2022-21526
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2022-21531
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2022-21569
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
SUSE CVE-2023-22794
A vulnerability in ActiveRecord 6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the annotate query method, the optimizerhints query method, or through the QueryLogs interface which automatically adds annotations, it may be sent t...
Fedora 37 : community-mysql (2023-d332f0b6a3)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d332f0b6a3 advisory. MySQL 8.0.32 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html Tenable has extracted the preceding description block...
CVE-2023-22794
A vulnerability in ActiveRecord 6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the annotate query method, the optimizerhints query method, or through the QueryLogs interface which automatically adds annotations, it may be sent t...
DEBIAN-CVE-2023-22794
A vulnerability in ActiveRecord 6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the annotate query method, the optimizerhints query method, or through the QueryLogs interface which automatically adds annotations, it may be sent t...
UBUNTU-CVE-2023-22794
A vulnerability in ActiveRecord 6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the annotate query method, the optimizerhints query method, or through the QueryLogs interface which automatically adds annotations, it may be sent t...
WordPress Kraken.io Image Optimizer Plugin <= 2.6.8 is vulnerable to Broken Access Control
Software Kraken.io Image Optimizer Type Plugin Vulnerable versions = 2.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0619 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID b987322713b6 Credits Marco Wotschka -...
CVE-2023-0619
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
CVE-2023-0619
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
Authorization
The Kraken.io Image Optimizer plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.6.8. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to reset image...
CVE-2023-0619
The CVE-2023-0619 entry concerns the Kraken.io Image Optimizer WordPress plugin. Affected versions up to and including 2.6.8 are vulnerable to an authorization bypass caused by a missing capability check on AJAX actions, allowing authenticated attackers with subscriber-level permissions and above...
WordPress Plugin Kraken.io Image Optimizer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Vulnerability of the Server component: The MySQL Server database management system’s Optimizer component allows a hacker to gain unauthorized access to read, modify, or delete data.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...