Download
| Alert*
oval:org.secpod.oval:def:504877
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql . Security Fix: * mysql: sha256_password authentication DoS via long password ... oval:org.secpod.oval:def:89002522 This update for mysql to version 5.5.59 fixes several issues. These security issues were fixed: - CVE-2018-2622: Vulnerability in the subcomponent: Server: DDL. Easily exploitable vulnerability allowed low privileged attacker with network access via multiple protocols to compromise MySQL Server. Suc ... oval:org.secpod.oval:def:504840 MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql . Security Fix: * mysql: sha256_password authentication DoS via long password ... oval:org.secpod.oval:def:89002272 This update for mariadb fixes the following issues: MariaDB was updated to 10.0.34 The following security vulnerabilities are fixed: - CVE-2018-2562: Vulnerability in the MySQL Server subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker with network acc ... oval:org.secpod.oval:def:43574 The host is installed with Oracle MySQL Server through 5.5.58, through 5.6.38 or through 5.7.20 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to Server: Optimizer. Successful exploitation allows attackers to affect Availabil ... oval:org.secpod.oval:def:2100766 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple pr ... oval:org.secpod.oval:def:204867 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb . Security Fix: * mysql: Client programs unspecified vulnerability * mysql: Server: DML unspecified vulnerability * my ... oval:org.secpod.oval:def:505027 MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb102-mariadb , rh-mariadb102-galera . Security Fix: * mysql: Server: Replication unspecifi ... oval:org.secpod.oval:def:1600845 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Succe ... oval:org.secpod.oval:def:1800971 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:1800972 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:1800965 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:1800966 CVE-2017-10268: mariaDB 10.1.29 CVE-2017-10378: mariaDB 10.1.29 CVE-2017-15365: mariaDB 10.1.30 CVE-2018-2562: mariaDB 10.1.31 CVE-2018-2622: mariaDB 10.1.31 CVE-2018-2640: mariaDB 10.1.31 CVE-2018-2665: mariaDB 10.1.31 CVE-2018-2668: mariaDB 10.1.31 CVE-2018-2612: mariaDB 10.1.31 oval:org.secpod.oval:def:2102304 Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that poi ... oval:org.secpod.oval:def:1900145 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Succe ... oval:org.secpod.oval:def:51979 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:113982 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:114111 MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. oval:org.secpod.oval:def:502349 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a later upstream version: mariadb . Security Fix: * mysql: Client programs unspecified vulnerability * mysql: Server: DML unspecified vulnerability * my ... oval:org.secpod.oval:def:603571 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37. Please see the MariaDB 10.1 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10127-release-notes/ https://mariad ... oval:org.secpod.oval:def:53464 Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37. Please see the MariaDB 10.1 Release Notes for further details: https://mariadb.com/kb/en/mariadb/mariadb-10127-release-notes/ https://mariad ... oval:org.secpod.oval:def:114221 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:603241 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.59, which includes additional changes oval:org.secpod.oval:def:1700076 Vulnerability in the MySQL Server component of Oracle MySQL . Supported versions that are affected are 5.5.57 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability c ... oval:org.secpod.oval:def:703961 mysql-5.7: MySQL database - mysql-5.5: MySQL database Several security issues were fixed in MySQL. oval:org.secpod.oval:def:114132 MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs an ... oval:org.secpod.oval:def:1502294 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2100967 The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to ... |