400 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0

A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service. Se encontró una vulnerabilidad en MariaDB. Un escaneo de puertos OpenVAS en los puertos 3306 y 4567 permite que un cliente remoto malicioso provoque una denegación de servicio. • https://access.redhat.com/errata/RHSA-2023:5683 https://access.redhat.com/errata/RHSA-2023:5684 https://access.redhat.com/errata/RHSA-2023:6821 https://access.redhat.com/errata/RHSA-2023:6822 https://access.redhat.com/errata/RHSA-2023:6883 https://access.redhat.com/errata/RHSA-2023:7633 https://access.redhat.com/security/cve/CVE-2023-5157 https://bugzilla.redhat.com/show_bug.cgi?id=2240246 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to dereference a null pointer. MariaDB Server anterior a 10.3.34 hasta 10.9.3 es vulnerable a la denegación de servicio. Es posible que la función spider_db_mbase::print_warnings elimine la referencia a un puntero null. • https://github.com/MariaDB/server/commit/be0a46b3d52b58956fd0d47d040b9f4514406954 https://lists.debian.org/debian-lts-announce/2023/06/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O22PO3Q6TRSNJI2A2WTJH3VVCHEKBF6C https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUQ33SPQCZQD63TWAM3XKFNVNFRGPFYU https://security.netapp.com/advisory/ntap-20230309-0009 https://access.redhat.com/security/cve/CVE-2022-47015 https://bugzilla.redhat.com/ • CWE-476: NULL Pointer Dereference •

CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 0

Vulnerability in the MySQL Server product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). • https://security.netapp.com/advisory/ntap-20221028-0013 https://www.oracle.com/security-alerts/cpuoct2022.html https://access.redhat.com/security/cve/CVE-2022-21595 https://bugzilla.redhat.com/show_bug.cgi?id=2142862 •

CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0

In MariaDB before 10.9.2, compress_write in extra/mariabackup/ds_compress.cc does not release data_mutex upon a stream write failure, which allows local users to trigger a deadlock. En MariaDB versiones anteriores a 10.9.2, la función compress_write en el archivo extra/mariabackup/ds_compress.cc no libera data_mutex tras un fallo de escritura en el flujo, lo que permite a usuarios locales desencadenar un bloqueo. • https://jira.mariadb.org/browse/MDEV-28719 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCOEGSVMIEXDZHBOSV6WVF7FAVRBR2JE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTVAONAZXJFGHAJ4RP2OF3EAMQCOTDSQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHISY4YVO4S5QJYYIXCIAXBM7INOL4VY https://security.netapp.com/advisory/ntap-20221104-0008 https://access.redhat.com/security/cve/CVE-2022-38791 https://b • CWE-667: Improper Locking •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort. Se ha detectado que MariaDB versiones v10.2 a v10.7, contiene un fallo de segmentación por el componente Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort • https://jira.mariadb.org/browse/MDEV-26419 https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html https://security.netapp.com/advisory/ntap-20220818-0005 https://access.redhat.com/security/cve/CVE-2022-32088 https://bugzilla.redhat.com/show_bug.cgi?id=2106008 • CWE-229: Improper Handling of Values •