SG Optimizer <= 5.0.12 - Unauthenticated File Upload

According to the original researchers: "A successful attack on the SiteGround Optimizer would allow bad actors to store backdoors on vulnerable sites."...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows attackers to alter file access rights or cause service interruptions.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow an attacker to modify file access rights or cause service interruptions...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the Server: Optimizer component of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server: Optimizer component of the Oracle MySQL database management system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause the application to become unresponsive or to crash, by using specially crafted network packets...

UBUNTU-CVE-2019-7153

A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions in wasm/wasm-binary.cpp when calling wasm::WasmBinaryBuilder::getFunctionIndexName in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt...

UBUNTU-CVE-2019-7152

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions in wasm/wasm-binary.cpp when calling wasm::WasmBinaryBuilder::getFunctionIndexName in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-op...

Heap overflow

The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst in emscripten-optimizer/simpleast.h. A crafted input can cause segmentation faults, leading to denial-of-service, as...

MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU)

The version of MySQL running on the remote host is 5.6.x prior to 5.6.43. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory: - An unspecified vulnerability in MySQL in the 'Server:...

ALPINE-CVE-2019-2529

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

CVE-2019-2507

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...

Oracle MySQL Server Access Control Error Vulnerability (CNVD-2019-26744)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: Optimizer subcomponent of the MySQL Server component of Oracle MySQL, versions 5.6.42 and earlier,...

Oracle MySQL Server Access Control Error Vulnerability (CNVD-2019-26712)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. An access control error vulnerability exists in the MySQL Server component of Oracle MySQL, versions 5.6.42 and earlier, 5.7.24 and earlier, and the...

Oracle MySQL Server Access Control Error Vulnerability (CNVD-2019-26745)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: Optimizer subcomponent of the MySQL Server component of Oracle MySQL, versions 5.6.42 and earlier,...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-26740)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: Optimizer subcomponent of the MySQL Server component in Oracle MySQL, version 8.0.13 and earlier. An...

UBUNTU-CVE-2019-2507

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...