Search CVE reports
1 – 10 of 1616 results
CVE-2024-30896
Medium priorityInfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. NOTE: the supplier indicates that this is intentional but is a "poor design choice" that will be changed in...
1 affected packages
influxdb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| influxdb | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-10921
Medium priorityAn authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This issue affects MongoDB Server v5.0...
1 affected packages
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-8013
Medium priorityA bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. Should this occur, no...
1 affected packages
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-8305
Medium priorityprepareUnique index may cause secondaries to crash due to incorrect enforcement of index constraints on secondaries, where in extreme cases may cause multiple secondaries crashing leading to no primaries. This issue affects...
1 affected packages
mongodb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mongodb | Not in release | Not in release | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-27766
Medium priorityAn issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the lib_mysqludf_sys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed.
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Needs evaluation | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
| mysql-8.0 | Not affected | Not affected | Not affected | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2023-39593
Medium priorityInsecure permissions in the sys_exec function of MariaDB v10.5 allows authenticated attackers to execute arbitrary commands with elevated privileges. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Needs evaluation | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Needs evaluation |
| mariadb-10.1 | Not in release | Not in release | Not in release | Needs evaluation | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Needs evaluation | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
| mysql-8.0 | Not affected | Not affected | Not affected | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Needs evaluation |
CVE-2023-26785
Medium priorityMariaDB v10.5 was discovered to contain a remote code execution (RCE) vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no...
1 affected packages
mariadb
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Needs evaluation | Not in release | Not in release | — | — |
CVE-2024-21247
Medium priorityVulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Not affected | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
| mysql-8.0 | Not affected | Not affected | Not affected | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21244
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Not affected | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
| mysql-8.0 | Not affected | Not affected | Not affected | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |
CVE-2024-21243
Medium priorityVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged...
10 affected packages
mariadb, mariadb-10.0, mariadb-10.1, mariadb-10.3, mariadb-10.6...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| mariadb | Not affected | Not in release | Not in release | — | — |
| mariadb-10.0 | Not in release | Not in release | Not in release | — | Not affected |
| mariadb-10.1 | Not in release | Not in release | Not in release | Not affected | — |
| mariadb-10.3 | Not in release | Not in release | Ignored | — | — |
| mariadb-10.6 | Not in release | Not affected | Not in release | — | — |
| mysql-5.5 | Not in release | Not in release | Not in release | — | — |
| mysql-5.7 | Not in release | Not in release | Not in release | Not affected | Ignored |
| mysql-8.0 | Not affected | Not affected | Not affected | — | — |
| percona-server-5.6 | Not in release | Not in release | Not in release | — | Not affected |
| percona-xtradb-cluster-5.6 | Not in release | Not in release | Not in release | — | Not affected |