PT-2023-1211 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.31 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

PT-2023-1205 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.31 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a low-privileged attacker with network access via multiple protocols to...

PT-2023-1221 · Mysql Server +6 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.31 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

PT-2023-1222 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.31 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

PT-2023-1225 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.31 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server, allowing a high-privileged attacker with network access via multiple protocols to...

CVE-2022-4119

The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2022-4119

The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2022-4119 Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS

The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2022-4119 Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS

The Image Optimizer, Resizer and CDN WordPress plugin before 6.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2022-4119

The CVE-2022-4119 entry concerns the WordPress plugin Image Optimizer, Resizer and CDN, prior to version 6.8.1. The vulnerability arises because the plugin does not adequately sanitize and escape certain settings, enabling Stored XSS by high-privilege users (such as admins) even when unfiltered_h...

WordPress plugin Image Optimizer, Resizer and CDN 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-13963 · WordPress · The Image Optimizer

Name of the Vulnerable Software and Affected Versions: The Image Optimizer, Resizer and CDN WordPress plugin versions prior to 6.8.1 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is...

Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC Step 1: Install the plugin and register for a...

Privilege Escalation

rh-mysql80-mysql is vulnerable to privilege escalation. The vulnerability exists in the Server: Optimizer component, allowing an attacker to take over the account through the multiple protocols...

`CHECK` fail via inputs in `SdcaOptimizer` in Tensorflow

...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service DoS attacks. An attacker is able to cause denial of service conditions due to improper validation of user Inputs, densefeatures and examplestatedata, resulting in a CHECK fail in SdcaOptimizer...

GHSA-27RC-728F-X5W2 `CHECK` fail via inputs in `SdcaOptimizer`

Impact Inputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer. python import tensorflow as tf tf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

Denial Of Service (DoS)

rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attacker to cause an application crash through the multiple protocols...

Denial Of Service (DoS)

rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attacker to cause an application crash through the multiple protocols...

Denial Of Service (DoS)

rh-mysql80-mysql is vulnerable to denial of service. The vulnerability exists in the Server: Optimizer component, allowing attacker to cause an application crash through the multiple protocols...