Lucene search
K

161 matches found

Cvelist
Cvelist
added 2021/03/19 2:46 a.m.27 views

CVE-2021-27928

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database...

7.7AI score0.38179EPSS
Exploits9References9
MariaDBUnix
MariaDBUnix
added 2021/03/19 2:46 a.m.51 views

CVE-2021-27928

Disclaimer: This data contains information about vulnerable...

9CVSS8AI score0.38179EPSS
Exploits9
Debian CVE
Debian CVE
added 2021/03/19 2:46 a.m.35 views

CVE-2021-27928

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database...

9CVSS9.1AI score0.38179EPSS
Exploits9
AlpineLinux
AlpineLinux
added 2021/03/19 2:46 a.m.63 views

CVE-2021-27928

A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database...

9CVSS7.6AI score0.38179EPSS
Exploits9
CVE
CVE
added 2021/03/19 2:46 a.m.794 views

CVE-2021-27928

MariaDB and Percona Server are affected by CVE-2021-27928: an untrusted search path enables eval injection, allowing a database SUPER user to execute OS commands after altering wsrep_provider and wsrep_notify_cmd. Affected versions: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10...

9CVSS7.4AI score0.38179EPSS
Exploits9References9Affected Software1
OSV
OSV
added 2020/11/09 8:15 p.m.4 views

CVE-2020-26542

An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the...

9.8CVSS7.2AI score0.0152EPSS
Exploits0References4
NVD
NVD
added 2020/11/09 8:15 p.m.22 views

CVE-2020-26542

An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the...

9.8CVSS9.6AI score0.0152EPSS
Exploits0References4
Prion
Prion
added 2020/11/09 8:15 p.m.15 views

Authentication flaw

An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the...

7.5CVSS9.5AI score0.0152EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2020/11/09 7:7 p.m.60 views

CVE-2020-26542

The CVE-2020-26542 issue affects the MongoDB Simple LDAP plugin used with Percona Server (through 2020-10-02). When using SimpleLDAP with Active Directory, authentication can succeed with a blank password, granting access at the privileges of the authenticating account. The NVD notes a high impac...

9.8CVSS9.4AI score0.0152EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/11/09 7:7 p.m.24 views

CVE-2020-26542

An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has discovered a flaw that would allow authentication to complete when passing a blank value for the...

9.6AI score0.0152EPSS
Exploits0References4
CNVD
CNVD
added 2019/05/27 12:0 a.m.7 views

Percona Server Authorization Issues Vulnerability

Percona Server is an open source relational database management system . An authorization issue vulnerability exists in Percona Server version 5.6.44-85.0-1 Debian and Ubuntu. The vulnerability stems from a lack of authentication measures or insufficient authentication strength in a networked...

10CVSS7.2AI score0.0197EPSS
Exploits0References1
NVD
NVD
added 2019/05/23 4:29 p.m.20 views

CVE-2019-12301

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

10CVSS9.6AI score0.0197EPSS
Exploits0References2
OSV
OSV
added 2019/05/23 4:29 p.m.2 views

CVE-2019-12301

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

9.8CVSS7.3AI score0.0197EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/05/23 4:29 p.m.29 views

CVE-2019-12301

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

10CVSS7.2AI score0.0197EPSS
Exploits0References3
Prion
Prion
added 2019/05/23 4:29 p.m.11 views

Default credentials

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

10CVSS9.4AI score0.0197EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/05/23 3:7 p.m.22 views

CVE-2019-12301

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

9.5AI score0.0197EPSS
Exploits0References2
CVE
CVE
added 2019/05/23 3:7 p.m.48 views

CVE-2019-12301

Percona Server 5.6.44-85.0-1 packages for Debian/Ubuntu had a password-reset issue where upgrading reset the root password to blank. This is confirmed by multiple sources (NVD, Red Hat CVE entry, Ubuntu security page). Root credentials could be effectively compromised during upgrades if exploited...

10CVSS9.4AI score0.0197EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2019/05/02 5:51 a.m.36 views

Privilege Escalation

Oracle MySQL, MariaDB, Percona Server and Percona XtraDB Cluster are vulnerable to privilege escalation. A locally authenticated attacker may use race condition while setting stats during MyISAM table repair to obtain elevated privileges...

7CVSS7.8AI score0.04313EPSS
Exploits18References31Affected Software11
Veracode
Veracode
added 2019/01/15 9:15 a.m.27 views

Privilege Escalation

mysql is vulnerable to privilege escalation attacks. The vulnerability exists as a race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before...

7.8AI score
Exploits10References2Affected Software11
Veracode
Veracode
added 2019/01/15 9:13 a.m.151 views

Arbitrary Code Execution

mariadb-galera is vulnerable to arbitrary code execution attacks. The vulnerability exists as Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before...

9.8CVSS9.1AI score0.6773EPSS
Exploits16References32Affected Software12
Rows per page
Query Builder