Lucene search
+L

188 matches found

Tenable Nessus
Tenable Nessus
added 2021/03/11 12:0 a.m.33 views

EulerOS Virtualization 2.9.0 : mariadb-connector-c (EulerOS-SA-2021-1654)

According to the version of the mariadb-connector-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet...

8.8CVSS7.2AI score0.02779EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/12/22 10:50 a.m.11 views

mariadb-connector-c: Improper validation of content in a OK packet received from server

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS7.4AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/22 9:27 a.m.7 views

mariadb-connector-c: Improper validation of content in a OK packet received from server

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS7.4AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/22 9:25 a.m.5 views

mariadb-connector-c: Improper validation of content in a OK packet received from server

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS7.4AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/15 5:28 p.m.15 views

mariadb-connector-c: Improper validation of content in a OK packet received from server

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS7.4AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/15 5:27 p.m.5 views

mariadb-connector-c: Improper validation of content in a OK packet received from server

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS7.4AI score0.02779EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/11/30 1:47 p.m.11 views

mariadb-connector-c: Improper validation of content in a OK packet received from server

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS7.4AI score0.02779EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/11/12 12:0 a.m.44 views

GLSA-202011-14 : MariaDB: Remote code execution

The remote host is affected by the vulnerability described in GLSA-202011-14 MariaDB: Remote code execution It was discovered that MariaDB did not properly validate the content of a packet received from a server. Impact : A remote attacker could send a specially crafted packet to WSREP service,...

9CVSS7.8AI score0.05539EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2020/11/11 12:0 a.m.76 views

MariaDB: Remote code execution

Background MariaDB is an enhanced, drop-in replacement for MySQL. Description It was discovered that MariaDB did not properly validate the content of a packet received from a server. Impact A remote attacker could send a specially crafted packet to WSREP service, possibly resulting in execution o...

9CVSS5.1AI score0.05539EPSS
Exploits0
OSV
OSV
added 2020/09/24 6:15 p.m.4 views

CVE-2020-3489

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...

7.4CVSS7.1AI score0.00507EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/21 12:0 a.m.6 views

MariaDB Connector/C OK Packet Content Validation Error Vulnerability

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL using the Maria storage engine.Connector/C is one of the connectors used to connect C/C++ applications to MariaDB and MySQL databases. A security vulnerability exists in the...

8.8CVSS8.5AI score0.02779EPSS
Exploits0References1
NVD
NVD
added 2020/05/20 7:15 p.m.17 views

CVE-2020-13249

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS8.6AI score0.02779EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2020/05/20 7:15 p.m.30 views

CVE-2020-13249

libmariadb/mariadblib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadblib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle...

8.8CVSS6.9AI score0.02779EPSS
Exploits0References4
OSV
OSV
added 2020/05/13 4:15 p.m.5 views

CVE-2020-7454

In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting in modules causing an out of bounds read/write condition if no checking was built into the module...

9.8CVSS7.3AI score0.02706EPSS
Exploits0References4
NVD
NVD
added 2020/04/29 12:15 a.m.22 views

CVE-2019-5614

In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable results...

9.8CVSS9.4AI score0.01321EPSS
Exploits0References2
CNVD
CNVD
added 2020/04/24 12:0 a.m.4 views

FreeBSD ipfw buffer overflow vulnerability (CNVD-2020-32362)

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. ipfw is one of the IP firewall components. A buffer overflow vulnerability exists in ipfw in FreeBSD, which stems from a program's failure to properly validate packets, and can be exploited by an attacker to cause kernel...

9.8CVSS7.2AI score0.01321EPSS
Exploits0References1
FreeBSD Advisory
FreeBSD Advisory
added 2020/04/21 12:0 a.m.16 views

FreeBSD-SA-20:10.ipfw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:10.ipfw Security Advisory The FreeBSD Project Topic: ipfw invalid mbuf handling Category: core Module: kernel Announced: 2020-04-21 Credits: Maxime Villard...

9.8CVSS7.2AI score0.01321EPSS
Exploits0
CVE
CVE
added 2020/02/28 6:42 p.m.122 views

CVE-2020-1876

CVE-2020-1876 affects Huawei NIP6800, Secospace USG6600 and USG9500 with specific V500R001C30, V500R001C60SPC500 and V500R005C00SPC100 builds. It is an out-of-bounds write vulnerability triggered by unauthenticated, malformed packets that bypass validation and may reboot the targeted device. Root...

7.5CVSS7.6AI score0.00755EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/16 3:7 a.m.209 views

CVE-2020-7045

Wireshark 3.0.x before 3.0.8 contains a vulnerability in the BT ATT dissector that could cause a crash. The root cause is related to opcode validation in the BT ATT dissector code path (epan/dissectors/packet-btatt.c). Affected product: Wireshark 3.0.x; vulnerable version range includes before 3....

6.5CVSS6.3AI score0.01457EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/11/27 12:0 a.m.91 views

Cisco IOS Software Internet Key Exchange Version 1 DoS (cisco-sa-20180328-ike-dos)

According to its self-reported version, Cisco IOS is affected by a denial of service DoS vulnerability in its Internet Key Exchange Version 1 IKEv1 functionality due to improper validation of specific IKEv1 packets. An unauthenticated, remote attacker can exploit this by sending crafted IKEv1...

7.8CVSS7.3AI score0.07005EPSS
Exploits0References3
Rows per page
Query Builder