605 matches found
CVE-2022-0273
| creationtimestamp | type | source |
|---|---|---|
| 2022-01-30 16:23:55+00:00 | seen | https://t.me/cibsecurity/36567... |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
...
CVE-2022-21393
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...
UBUNTU-CVE-2022-21304
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2021-37570
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read...
CVE-2021-37569
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write...
A vulnerability in the handling of the IEEE 802.11 set of communication standards by the computer network traffic analyzer Wireshark allows an attacker to cause a denial of service.
The vulnerability in the handling of the IEEE 802.11 set of communication standards by computer network traffic analyzers like Wireshark is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause a denial of service by injecting specially crafted packets...
CVE-2021-35584
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: ndbcluster/plugin DDL). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster...
PT-2021-22211 · Best Practical +2 · Request Tracker +2
Name of the Vulnerable Software and Affected Versions: Best Practical Request Tracker RT versions 4.2 through 4.2.16 Best Practical Request Tracker RT versions 4.4 through 4.4.4 Best Practical Request Tracker RT versions 5.0 through 5.0.1 Description: The issue allows sensitive information...
mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2021-38319
The More From Google WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected `$_SERVER["PHP_SELF"]` value in the /morefromgoogle.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2...
WordPress plugin cross-site scripting vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. WordPress plugin More From Google 0.0.2 before the version o...
CVE-2021-37153
ForgeRock Access Management AM before 7.0.2, when configured with Active Directory as the Identity Store, has an authentication-bypass issue...
PT-2021-18946 · Apple · Ipados +5
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.0.2 iPadOS versions prior to 15.0.2 tvOS versions prior to 15.1 watchOS versions prior to 8.1 macOS Monterey versions prior to 12.0.1 Description: A logic issue was addressed with improved restrictions, which may have...
DEBIAN-CVE-2021-2372
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Oracle MySQL Server input validation error vulnerability
A denial-of-service vulnerability exists in the Server: Optimizer component of Oracle MySQL Server 8.0.25 and earlier versions. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash repeatedly and frequently (complete denial of service)...
Codoforum cross-site scripting vulnerability (CNVD-2021-50179)
Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 5.0.2, which can be exploited by an authenticated attacker to execute arbitrary web script or HTML via a crafted payload with the "Manage Users" parameter...
Codoforum cross-site scripting vulnerability (CNVD-2021-50177)
Codoforum is a set of PHP and MySQL based forum software. A cross-site scripting vulnerability exists in Codoforum version 5.0.2, which can be exploited by an authenticated attacker to execute arbitrary web script or HTML via a crafted payload with the "Pages" parameter...
GitLab security vulnerability
GitLab is a self-hosted Git version control project repository application, developed with Ruby on Rails by the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab CE/EE, which...