Lucene search
K
PerconaPercona Server

7 matches found

CVE
CVE
added 2016/09/20 6:0 p.m.779 views

CVE-2016-6662

CVE-2016-6662 affects MySQL-derived products (MySQL, MariaDB, Percona Server) across multiple branches, allowing local users to bypass protections by setting general_log_file to a my.cnf configuration. The underlying flaw enables arbitrary configuration by non-privileged users and can be leverage...

10CVSS8AI score0.6773EPSS
CVE
CVE
added 2021/03/19 2:46 a.m.776 views

CVE-2021-27928

MariaDB and Percona Server are affected by CVE-2021-27928: an untrusted search path enables eval injection, allowing a database SUPER user to execute OS commands after altering wsrep_provider and wsrep_notify_cmd. Affected versions: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10...

9CVSS7.4AI score0.38179EPSS
CVE
CVE
added 2016/12/13 9:0 p.m.461 views

CVE-2016-6663

CVE-2016-6663 involves a race condition in MyISAM table repair (MySQL, MariaDB, Percona variants) that could let a local user with certain privileges gain elevated privileges via my_copystat during REPAIR TABLE. Affected products and versions include MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7....

7CVSS6.5AI score0.04313EPSS
CVE
CVE
added 2016/12/13 9:0 p.m.334 views

CVE-2016-6664

CVE-2016-6664 affects Oracle MySQL, MariaDB, Percona Server and Percona XtraDB Cluster when using file-based logging. The flaw, rooted in the mysqld_safe/error log handling, could let a local user with access to the mysql account escalate to root via a symlink attack on error logs (and possibly o...

7CVSS6.7AI score0.0308EPSS
Web
CVE
CVE
added 2022/08/03 1:49 a.m.62 views

CVE-2022-34968

The CVE-2022-34968 entry concerns Percona Server for MySQL (version 8.0.28-19) with a vulnerability in the fetch_step function that can cause a Denial of Service via a crafted SQL query. The issue’s root cause is in the fetch_step logic; impact is DoS (availability) with a CVSS v3.1 base score of...

7.5CVSS7.5AI score0.00846EPSS
CVE
CVE
added 2020/11/09 7:7 p.m.60 views

CVE-2020-26542

The CVE-2020-26542 issue affects the MongoDB Simple LDAP plugin used with Percona Server (through 2020-10-02). When using SimpleLDAP with Active Directory, authentication can succeed with a blank password, granting access at the privileges of the authenticating account. The NVD notes a high impac...

9.8CVSS9.4AI score0.0152EPSS
CVE
CVE
added 2019/05/23 3:7 p.m.48 views

CVE-2019-12301

Percona Server 5.6.44-85.0-1 packages for Debian/Ubuntu had a password-reset issue where upgrading reset the root password to blank. This is confirmed by multiple sources (NVD, Red Hat CVE entry, Ubuntu security page). Root credentials could be effectively compromised during upgrades if exploited...

10CVSS9.4AI score0.0197EPSS