Technology Blog

August 22, 2022

CVE-2018-3162 (active_iq_unified_manager, mariadb, mysql, oncommand_insight, oncommand_workflow_automation, snapcenter, ubuntu_linux)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable […]

August 22, 2022

CVE-2018-3173 (active_iq_unified_manager, mariadb, mysql, oncommand_insight, oncommand_workflow_automation, snapcenter, ubuntu_linux)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable […]

August 22, 2022

CVE-2018-3200 (active_iq_unified_manager, mariadb, mysql, oncommand_insight, oncommand_workflow_automation, snapcenter, ubuntu_linux)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable […]

August 22, 2022

CVE-2018-3277 (active_iq_unified_manager, mariadb, mysql, oncommand_insight, oncommand_workflow_automation, snapcenter, ubuntu_linux)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable […]

August 22, 2022

CVE-2018-3282 (active_iq_unified_manager, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, mariadb, mysql, oncommand_insight, oncommand_workflow_automation, snapcenter, ubuntu_linux)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 […]

August 22, 2022

CVE-2019-1559 (a220_firmware, a320_firmware, a800_firmware, active_iq_unified_manager, agent, altavault, api_gateway, big-ip_access_policy_manager, big-ip_advanced_firewall_manager, big-ip_analytics, big-ip_application_acceleration_manager, big-ip_application_security_manager, big-ip_domain_name_system, big-ip_edge_gateway, big-ip_fraud_protection_service, big-ip_global_traffic_manager, big-ip_link_controller, big-ip_local_traffic_manager, big-ip_policy_enforcement_manager, big-ip_webaccelerator, big-iq_centralized_management, business_intelligence, c190_firmware, cloud_backup, clustered_data_ontap_antivirus_connector, cn1610_firmware, communications_diameter_signaling_router, communications_performance_intelligence_center, communications_session_border_controller, communications_session_router, communications_unified_session_manager, data_exchange_layer, debian_linux, element_software, endeca_server, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_workstation, enterprise_manager_base_platform, enterprise_manager_ops_center, fas2720_firmware, fas2750_firmware, fedora, hci_compute_node, hci_management_node, hyper_converged_infrastructure, jboss_enterprise_web_server, jd_edwards_enterpriseone_tools, jd_edwards_world_security, leap, mysql, mysql_enterprise_monitor, mysql_workbench, nessus, node.js, oncommand_insight, oncommand_unified_manager, oncommand_unified_manager_core_package, oncommand_workflow_automation, ontap_select_deploy, ontap_select_deploy_administration_utility, openssl, pan-os, peoplesoft_enterprise_peopletools, santricity_smi-s_provider, secure_global_desktop, service_processor, services_tools_bundle, smi-s_provider, snapcenter, snapdrive, snapprotect, solidfire, steelstore_cloud_integrated_storage, storage_automation_store, storagegrid, threat_intelligence_exchange_server, traffix_signaling_delivery_controller, ubuntu_linux, virtualization, virtualization_host, web_gateway)

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can […]

August 22, 2022

CVE-2019-2481 (enterprise_linux, enterprise_linux_eus, enterprise_linux_server_aus, enterprise_linux_server_tus, mariadb, mysql, oncommand_insight, oncommand_unified_manager, oncommand_workflow_automation, snapcenter, ubuntu_linux)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 […]

August 22, 2022

CVE-2020-10387 (phpkb)

Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the […]

August 22, 2022

CVE-2020-10388 (phpkb)

The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script […]