Lucene search
K

59 matches found

CNNVD
CNNVD
added 2024/05/24 12:0 a.m.5 views

PingCAP TiDB 安全漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v7.5.1, which originates from the inclusion of a null pointer dereference via the...

7.5CVSS7.4AI score0.00412EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/24 12:0 a.m.4 views

PingCAP TiDB 安全漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v7.5.1, which stems from a contained buffer overflow vulnerability that could lead to ...

6.5CVSS6.7AI score0.00426EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.5 views

PT-2024-25496 · Pingcap · Tidb

Name of the Vulnerable Software and Affected Versions: PingCAP TiDB version 7.5.1 Description: A buffer overflow issue was discovered, which could lead to database crashes and denial of service attacks. Recommendations: For PingCAP TiDB version 7.5.1, at the moment, there is no information about ...

6.5CVSS6.6AI score0.00426EPSS
Exploits0References5
Veracode
Veracode
added 2022/11/08 4:55 a.m.14 views

Arbitrary Code Execution

github.com/pingcap/tidb is vulnerable to arbitrary code execution. The vulnerability exists because the data source name string in the database connection is not properly neutralized which allows an attacker to inject malicious code and get read access to files in the system...

9.8CVSS9.1AI score0.00562EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/11/04 12:15 p.m.15 views

Format string

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

7.5CVSS9.6AI score0.00562EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/11/04 12:0 a.m.5 views

PingCAP TiDB 格式化字符串错误漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A formatting string error vulnerability exists in PingCAP TiDB versions prior to 6.1.3 through 6.4.0, which stems from its use of externally...

9.8CVSS5.8AI score0.00562EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/11/04 12:0 a.m.5 views

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

4.2CVSS6.8AI score0.00562EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/04 12:0 a.m.41 views

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

4.2CVSS9.8AI score0.00562EPSS
Exploits0References2
OSV
OSV
added 2022/11/04 12:0 a.m.22 views

CVE-2022-3023 Use of Externally-Controlled Format String in pingcap/tidb

Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3...

4.2CVSS4.8AI score0.00562EPSS
Exploits0References4
CVE
CVE
added 2022/11/04 12:0 a.m.63 views

CVE-2022-3023

The CVE-2022-3023 entry relates to a vulnerability in the PingCAP TiDB server where an externally controlled format string is used, affecting TiDB and specifically versions prior to 6.4.0 and prior to 6.1.3. The issue is described as a format-string vulnerability that can lead to unintended behav...

9.8CVSS6.8AI score0.00562EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:15 a.m.1 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.5CVSS5.9AI score0.00776EPSS
Exploits1References2
NVD
NVD
added 2022/08/03 2:15 a.m.24 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.5CVSS0.00776EPSS
Exploits1References1
OSV
OSV
added 2022/08/03 2:15 a.m.13 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.5CVSS7.3AI score
Exploits0References1
Prion
Prion
added 2022/08/03 2:15 a.m.17 views

Null pointer dereference

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

5CVSS7.5AI score0.00776EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/08/03 1:49 a.m.24 views

CVE-2022-34969

PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...

7.7AI score0.00776EPSS
Exploits1References1
CVE
CVE
added 2022/08/03 1:49 a.m.62 views

CVE-2022-34969

CVE-2022-34969 concerns PingCAP TiDB v6.1.0, where a NULL pointer dereference in TiDB is confirmed by multiple sources. The CVE entry documents the issue as a NULL pointer dereference with a high impact on availability (NVD: CVSSv3.1 base 7.5, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Several connect...

7.5CVSS7.5AI score0.00776EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2022/08/03 12:0 a.m.3 views

PingCAP TiDB 代码问题漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A code issue vulnerability exists in PingCAP TiDB version v6.1.0, which stems from the presence of null pointer references...

7.5CVSS7.4AI score0.00776EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/05/31 12:0 a.m.4 views

PingCAP TiDB 授权问题漏洞

PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. PingCAP TiDB version 5.3.0 suffers from an authorization issue vulnerability, which stems from a problem with application rights management. A...

7.8CVSS7.3AI score0.00311EPSS
Exploits0References3
Veracode
Veracode
added 2022/05/26 6:10 a.m.25 views

Authentication Bypass

github.com/pingcap/tidb is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly restrict the access path, allowing an attacker to bypass the authentication process by providing malicious authentication requests, resulting in privilege escalation or...

7.8CVSS7.7AI score0.00311EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder