MySQL — свободная реляционная система управления базами данных
Релизный цикл, информация об уязвимостях
График релизов
Количество 1 198
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
SUSE-SU-2019:2009-1
Security update for curl
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants.
CVE-2019-5443
A non-privileged user or program can put code and a config file in a k ...
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants.
SUSE-SU-2019:1357-2
Security update for curl
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants.
openSUSE-SU-2019:1508-1
Security update for curl
openSUSE-SU-2019:1492-1
Security update for curl
CVE-2019-5436
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2019-10219 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. | CVSS3: 6.5 | 2% Низкий | около 6 лет назад |
 | SUSE-SU-2019:2009-1 Security update for curl | 3% Низкий | больше 6 лет назад | |
 | CVE-2019-5443 A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
| CVE-2019-5443 A non-privileged user or program can put code and a config file in a k ... | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
 | CVE-2019-5443 A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. | CVSS3: 7.8 | 0% Низкий | больше 6 лет назад |
| SUSE-SU-2019:1357-2 Security update for curl | 3% Низкий | больше 6 лет назад | |
| CVE-2019-5443 A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. | CVSS3: 8.4 | 0% Низкий | больше 6 лет назад |
| openSUSE-SU-2019:1508-1 Security update for curl | 3% Низкий | больше 6 лет назад | |
| openSUSE-SU-2019:1492-1 Security update for curl | 3% Низкий | больше 6 лет назад | |
| CVE-2019-5436 A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | CVSS3: 7.8 | 3% Низкий | больше 6 лет назад |
Уязвимостей на страницу