Skip to main content

Dbd Mysql

7 CVEs product

Monthly

CVE-2017-10789 MEDIUM This Month

The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Dbd Mysql
NVD GitHub
CVSS 3.0
5.9
EPSS
0.3%
CVE-2017-10788 CRITICAL Act Now

The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free Oracle Dbd Mysql
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2016-1249 MEDIUM PATCH This Month

The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Denial Of Service Information Disclosure Dbd Mysql
NVD GitHub
CVSS 3.0
5.9
EPSS
0.5%
CVE-2016-1251 HIGH PATCH This Week

There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free Dbd Mysql
NVD GitHub
CVSS 3.0
8.1
EPSS
0.5%
CVE-2016-1246 HIGH PATCH This Week

Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Dbd Mysql Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
1.9%
CVE-2015-8949 CRITICAL PATCH Act Now

Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free Dbd Mysql Debian Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
3.9%
CVE-2014-9906 CRITICAL PATCH Act Now

Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption RCE Use After Free Debian Linux +1
NVD GitHub
CVSS 3.0
9.8
EPSS
3.0%
EPSS 0% CVSS 5.9
MEDIUM This Month

The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a "your communication with the server will be. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Dbd Mysql
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by triggering (1). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free +2
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 8.1
HIGH PATCH This Week

There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Dbd Mysql +1
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Information Disclosure Use After Free +2
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption RCE +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy