CVE-2020-14827 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Ser - CVEs Blog

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14827

Reference (s):

https://security.netapp.com/advisory/ntap-20201023-0003/
GENTOO:GLSA-202105-27
URL: https://security.gentoo.org/glsa/202105-27
https://www.oracle.com/security-alerts/cpuoct2020.html
URL: https://www.oracle.com/security-alerts/cpuoct2020.html

CVE-2020-14827 – Vulnerability in the MySQL Server product of Oracle MySQL (component: Ser

Something Fresh

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-27216 - In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 1

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

What People Reading

CVE-2004-1715 - Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 all

CVE-2020-26212 - GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free

CVE-2015-0320 - Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and

CVE-2020-27212 - STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect acce

CVE-2020-26296 - Vega is a visualization grammar, a declarative format for creating, savin

Categories

Partners

Just add here your partners image or promo text