EUVD-2019-12386

Malware in sbrugna...

Malformed $group Query May Cause MongoDB Server to Crash

An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operation. This vulnerability could lead to deni...

Linux Distros Unpatched Vulnerability : CVE-2018-3251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior an...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue - GitHub Issue - Security Advisory...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue - GitHub Issue - Security Advisory...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-x64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

SUSE CVE-2019-2747

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: GIS. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

Security fix for the ALT Linux 10 package php8.0 version 8.0.12-alt1

8.0.12-alt1 built Nov. 2, 2021 Anton Farygin in task 287171 Oct. 28, 2021 Anton Farygin - 8.0.12 Fixes: CVE-2021-21703...

Security fix for the ALT Linux 10 package php8.1 version 8.0.12-alt1

Oct. 28, 2021 Anton Farygin 8.0.12-alt1 - 8.0.12 Fixes: CVE-2021-21703...

PHP 8.0.x < 8.0.12

The version of PHP installed on the remote host is prior to 8.0.12. It is, therefore, affected by a vulnerability as referenced in the Version 8.0.12 advisory. - In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM...

Oracle MySQL Server 8.0 <= 8.0.12 Security Update (cpujul2019) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

Oracle MySQL Server 8.0 <= 8.0.12 Security Update (cpujul2019) - Windows

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

PT-2019-6352 · Oracle +1 · Mysql Server

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.12 and prior Description: The issue is related to insufficient input validation in the MySQL Server component, specifically in the Server: Data Dictionary subcomponent. This allows an attacker with network access via...

mysql: InnoDB unspecified vulnerability (CPU Oct 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

mysql: InnoDB unspecified vulnerability (CPU Oct 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...

Code injection

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2019-26719)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the Server: DDL subcomponent of the MySQL Server component in Oracle MySQL, version 8.0.12 and earlier. An attacke...