Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-0668 | 6 Canonical, Debian, Mariadb and 3 more | 10 Ubuntu Linux, Debian Linux, Mariadb and 7 more | 2022-09-21 | 1.7 LOW | 4.1 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier and MariaDB 10.0.x before 10.0.24 and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to InnoDB. | |||||
| CVE-2014-4243 | 3 Mariadb, Oracle, Suse | 6 Mariadb, Mysql, Solaris and 3 more | 2022-09-21 | 2.8 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED. | |||||
| CVE-2014-2432 | 3 Mariadb, Oracle, Redhat | 9 Mariadb, Mysql, Solaris and 6 more | 2022-09-21 | 2.8 LOW | N/A |
| Unspecified vulnerability Oracle the MySQL Server component 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Federated. | |||||
| CVE-2014-0420 | 5 Canonical, Debian, Mariadb and 2 more | 8 Ubuntu Linux, Debian Linux, Mariadb and 5 more | 2022-09-21 | 2.8 LOW | N/A |
| Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.34 and earlier, and 5.6.14 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Replication. | |||||
| CVE-2013-2391 | 3 Mariadb, Oracle, Redhat | 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more | 2022-09-21 | 3.0 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install. | |||||
| CVE-2022-38931 | 1 Baijiacms Project | 1 Baijiacms | 2022-09-21 | N/A | 8.8 HIGH |
| A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the url parameter. | |||||
| CVE-2022-39218 | 1 Fastly | 1 Js-compute | 2022-09-21 | N/A | 7.5 HIGH |
| The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the `Math.random` and `crypto.getRandomValues` methods fail to use sufficiently random values. The initial value to seed the PRNG (pseudorandom number generator) is baked-in to the final WebAssembly module, making the sequence of random values for that specific WebAssembly module predictable. An attacker can use the fixed seed to predict random numbers generated by these functions and bypass cryptographic security controls, for example to disclose sensitive data encrypted by functions that use these generators. The problem has been patched in version 0.5.3. No known workarounds exist. | |||||
| CVE-2013-1506 | 3 Mariadb, Oracle, Redhat | 7 Mariadb, Mysql, Enterprise Linux Desktop and 4 more | 2022-09-21 | 2.8 LOW | N/A |
| Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking. | |||||
| CVE-2022-38495 | 1 Lief-project | 1 Lief | 2022-09-21 | N/A | 7.8 HIGH |
| LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c. | |||||
| CVE-2022-38497 | 1 Lief-project | 1 Lief | 2022-09-21 | N/A | 5.5 MEDIUM |
| LIEF commit 365a16a was discovered to contain a segmentation violation via the component CoreFile.tcc:69. | |||||
| CVE-2017-3653 | 4 Debian, Mariadb, Oracle and 1 more | 10 Debian Linux, Mariadb, Mysql and 7 more | 2022-09-21 | 3.5 LOW | 3.1 LOW |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N). | |||||
| CVE-2022-40009 | 1 Swftools | 1 Swftools | 2022-09-21 | N/A | 9.8 CRITICAL |
| SWFTools commit 772e55a was discovered to contain a heap-use-after-free via the function grow_unicode at /lib/ttf.c. | |||||
| CVE-2022-40008 | 1 Swftools | 1 Swftools | 2022-09-21 | N/A | 9.8 CRITICAL |
| SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c. | |||||
| CVE-2022-21451 | 3 Mariadb, Netapp, Oracle | 6 Mariadb, Active Iq Unified Manager, Oncommand Insight and 3 more | 2022-09-21 | 2.1 LOW | 4.4 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2018-2767 | 6 Canonical, Debian, Mariadb and 3 more | 14 Ubuntu Linux, Debian Linux, Mariadb and 11 more | 2022-09-21 | 3.5 LOW | 3.1 LOW |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2022-40759 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation. | |||||
| CVE-2022-40758 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen. | |||||
| CVE-2022-40757 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | |||||
| CVE-2022-40761 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | |||||
| CVE-2022-40760 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize. | |||||