CVE-2021-21976

vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6.5.x prior to 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution...

CVE-2021-21976

CVE-2021-21976 is a post-authentication command injection in vSphere Replication that may allow an authenticated admin to achieve remote code execution. Affected: vSphere Replication 8.3.x (before 8.3.1.2), 8.2.x (before 8.2.1.1), 8.1.x (before 8.1.2.3), and 6.5.x (before 6.5.1.5). Root cause: vu...

vSphere Replication Command Injection Vulnerability

A command injection vulnerability exists in vSphere Replication that originates when a network system or product does not properly filter specific elements of externally entered data during the construction of executable commands. An attacker could exploit this vulnerability to execute an illegal...

Vulnerability of the Server component: The Replication function of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...

VMSA-2021-0001:vSphere Replication updates address a command injection vulnerability

Advisory ID: VMSA-2021-0001 CVSSv3 Range: 7.2 Issue Date:2021-02-11 Updated On: 2021-02-11 Initial Advisory CVEs: CVE-2021-21976 Synopsis: vSphere Replication updates address a command injection vulnerability CVE-2021-21976 RSS Feed Download PDF Download Text File Share this page on social media:...

VAO fails to deploy a VAO agent to a standalone Veeam Backup & Replication server

Challenge When VAO tries to deploy a VAO agent to a standalone Veeam Backup & Replication server, you get a generic error "Failed to communicate to agent", and all VAO attempts to communicate with the VAO agent fail. You can also see the following error in the VAO agent logs located in the log...

CentOS 8 : postgresql:12 (CESA-2020:5620)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:5620 advisory. - postgresql: Uncontrolled search path element in logical replication CVE-2020-14349 - postgresql: Uncontrolled search path element in CREATE EXTENSION...

CentOS 8 : mysql:8.0 (CESA-2019:2511)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2511 advisory. - mysql: Server: Optimizer unspecified vulnerability CPU Jan 2019 CVE-2019-2420, CVE-2019-2481, CVE-2019-2507, CVE-2019-2529, CVE-2019-2530 - mysql:...

CentOS 8 : mariadb:10.3 (CESA-2019:3708)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3708 advisory. - mysql: InnoDB unspecified vulnerability CPU Jan 2019 CVE-2019-2510 - mysql: Server: DDL unspecified vulnerability CPU Jan 2019 CVE-2019-2537 - mysql:...

MySQL Server Replication Vulnerability Allows High-Privileged Remote Attackers to Cause Denial of Service (DoS) in Versions 8.0.22 and Earlier

...

MySQL 5.7.x < 5.7.33 Multiple Vulnerabilities (Jan 2021 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.33. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the January 2021 Critical Patch Update advisory: - Vulnerability in the MySQL Client product of Oracle MySQL component: C API...

MySQL 8.0.x < 8.0.20 Multiple Vulnerabilities (Apr 2020 CPU)

The version of MySQL running on the remote host is 8.0.x prior to 8.0.20. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the April 2020 Critical Patch Update advisory: - Vulnerability in the MySQL Server product of Oracle MySQL component: Server:...

Exploit for CVE-2020-1472

CVE-2020-1472 aka Zerologon Exploit POC !cve-2020-1742https...

CVE-2021-2002

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Code injection

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

UBUNTU-CVE-2021-2002

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2021-04770)

Oracle MySQL is an open source relational database management system.MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. An unspecified vulnerability exists in the Server: Replication component of Oracle MySQL Server 8.0.22 and earlier...

Oracle MySQL 安全漏洞

Oracle MySQL is an open source relational database management system.MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. An unspecified vulnerability exists in the Server: Replication component of Oracle MySQL Server 8.0.22 and earlier...

postgresql: Uncontrolled search path element in logical replication

A flaw was found in PostgreSQL, where it did not properly sanitize the searchpath during logical replication. This flaw allows an authenticated attacker to use this flaw in an attack similar to CVE-2018-1058 to execute an arbitrary SQL command in the user's context for replication. The highest...

postgresql: Uncontrolled search path element in logical replication

A flaw was found in PostgreSQL, where it did not properly sanitize the searchpath during logical replication. This flaw allows an authenticated attacker to use this flaw in an attack similar to CVE-2018-1058 to execute an arbitrary SQL command in the user's context for replication. The highest...