mysql: Group Replication GCS unspecified vulnerability (CPU Oct 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Group Replication GCS. Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

PT-2017-3926 · Mariadb +2 · Mariadb +3

Name of the Vulnerable Software and Affected Versions: MariaDB versions prior to 10.1.30 MariaDB versions 10.2.x prior to 10.2.10 Percona XtraDB Cluster versions prior to 5.6.37-26.21-3 Percona XtraDB Cluster versions 5.7.x prior to 5.7.19-29.22-3 Description: The issue is related to incorrect...

[SECURITY] Fedora 27 Update: couchdb-1.7.1-3.fc27

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

[SECURITY] Fedora 26 Update: couchdb-1.7.1-3.fc26

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

Important: mysql56, mysql57

Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in...

Medium: mysql55

Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in...

mysql: Server: Replication unspecified vulnerability (CPU Oct 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...

Oracle MySQL Server Multiple Vulnerabilities - 01 - (Nov 2012) - Linux

Oracle MySQL server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

CVE-2017-12315

CVE-2017-12315 affects Cisco HyperFlex System: the vulnerability is in the system logging path during replication configuration, where sensitive information is not properly masked in log files. An authenticated, local attacker (administrative user) could view restricted information in the system ...

CVE-2017-12315

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

Cisco HyperFlex System Authenticated Information Disclosure Vulnerability

A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to view sensitive information that should be restricted in the system log files. The attacker would have to be authenticated as an administrative use...

Failed to import Veeam Cloud Connect certificate after Veeam Availability Console server migration

Challenge After migrating your Veeam Availability Console VAC installation to a new server and adding an existing Veeam Cloud Connect VCC server, the following certificate error may be observed: Failed to import certificate from the Veeam Cloud Connect server. See debug logs for more information...

SUSE SLES11 Security Update : mysql (SUSE-SU-2017:2996-1)

This update for mysql to version 5.5.58 fixes the following issues: Fixed security issues : - CVE-2017-10268: issue inside subcomponent Server Replication bsc1064101 - CVE-2017-10378: issue inside subcomponent Server Optimizer bsc1064115 - CVE-2017-10379: issue inside subcomponent Client programs...

How to collect logs for cases involving Oracle

Challenge An issue with backing up of the Oracle database server and/or removal of Oracle archived logs is suspected. Veeam Technical Support would like to gather information from your servers and databases to investigate this issue. Additional logs must be gathered manually from the guest OS on...

Redis-store Design Vulnerability

Redis-store is a Ruby-based application-specific toolkit that supports sharding, master-slave replication, and grouping. A security vulnerability exists in Redis-store 1.3.0 and earlier versions. An attacker can exploit the vulnerability to load insecure objects from redis...

Cross site request forgery (csrf)

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...

CVE-2017-5635

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user...

Deserialization of untrusted data

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could impersonate another user and gain their permissions on a replicated request to another node...

ALPINE-CVE-2017-10268

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructur...