RHEL 8 : mysql:8.0 (RHSA-2020:3757)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3757 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MyS...

Important: Red Hat Security Advisory: mysql:8.0 security update

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

mysql:8.0 security update

An update is available for mecab-ipadic, mecab, mysql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MySQL is a multi-user, multi-threaded SQL database server...

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.21. Security Fixes: mysql: Server: Security: Privileges multiple...

ALSA-2020:3732 Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql 8.0.21. Security Fixes: mysql: Server: Security: Privileges multiple...

Denial Of Service (DoS)

MySQL is vulnerable to denial of service DoS due to flaws in Pluggable Auth...

mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MyS...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2020-41455)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in MySQL Server 5.7.30 and earlier and Server 8.0.20 and earlier in Oracle MySQL: Pluggable Auth component. An attack...

CVE-2020-14553

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MyS...

CVE-2020-14553

CVE-2020-14553 affects Oracle MySQL Server (Server: Pluggable Auth) with versions 5.7.30 and prior and 8.0.20 and prior. The vulnerability allows a low-privilege, network-accessible attacker to perform unauthorized updates to MySQL data (I:LOW, A:N) via multiple protocols. Public sources confirm ...

Vulnerability of the Server:Pluggable Auth component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the Server:Pluggable Auth component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL network protocol...

Linux: SSH UsePAM

UsePAM Enables the Pluggable Authentication Module interface. If set to SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle MySQL Server Denial of Service Vulnerability (CNVD-2020-23466)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in MySQL Server 5.7.28 and prior versions of Server: Pluggable Auth component in Oracle MySQL. An attacker can exploi...

CVE-2020-2790

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 5.7.28 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2020-2790

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 5.7.28 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Denial Of Service (DoS)

Pluggable Authentication Modules PAM is vulnerable to Denial of Service DoS. The checkacl function in pamxauth.c in the pamxauth module in Linux-PAM does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service resource consumption via a...

Remote Code Execution (RCE)

Pluggable Authentication Modules PAM is vulnerable to remote code execution RCE. It was discovered that the pamxauth module did not verify the return values of the setuid and setgid system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and...

Privilege Escalation

Pluggable Authentication Modules PAM is vulnerable to Privilege Escalation. A flaw was found in the way pamconsole set console device permissions. It was possible for various console devices to retain ownership of the console user after logging out, possibly leaking information to another local...