Oracle Mysql_workbench
42 CVEs affecting Oracle Mysql_workbench. Latest disclosed: 2022-05-03. Critical: 4, High: 23.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-11656 | Critical | 9.8 | 2020-04-09 | In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statemen… |
CVE-2019-19646 | Critical | 9.8 | 2019-12-09 | pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. |
CVE-2019-19317 | Critical | 9.8 | 2019-12-05 | lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of ser… |
CVE-2018-10933 | Critical | 9.1 | 2018-10-17 | A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first perform… |
CVE-2021-3518 | High | 8.8 | 2021-05-18 | There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 cou… |
CVE-2019-14889 | High | 8.8 | 2019-12-10 | A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp… |
CVE-2018-14550 | High | 8.8 | 2019-07-10 | An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c i… |
CVE-2021-3517 | High | 8.6 | 2021-05-19 | There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed… |
CVE-2022-21824 | High | 8.2 | 2022-02-24 | Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while s… |
CVE-2022-23308 | High | 7.5 | 2022-02-26 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. |
CVE-2020-13871 | High | 7.5 | 2020-06-06 | SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. |
CVE-2020-1967 | High | 7.5 | 2020-04-21 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a res… |
CVE-2020-11655 | High | 7.5 | 2020-04-09 | SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's ini… |
CVE-2020-9327 | High | 7.5 | 2020-02-21 | In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizatio… |
CVE-2020-7595 | High | 7.5 | 2020-01-21 | xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. |
CVE-2019-20388 | High | 7.5 | 2020-01-21 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. |
CVE-2019-20218 | High | 7.5 | 2020-01-02 | selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. |
CVE-2019-19925 | High | 7.5 | 2019-12-24 | zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. |
CVE-2019-19923 | High | 7.5 | 2019-12-24 | flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can… |
CVE-2019-19926 | High | 7.5 | 2019-12-23 | multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vuln… |