9454 matches found
CVE-2024-20993
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2024-20995
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise Oracle...
CVE-2024-21060
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...
CVE-2024-21117
CVE-2024-21117 affects Oracle Outside In Technology (Outside In Core) in Oracle Fusion Middleware; affected 8.5.6–8.5.7. Local, low-privilege attacker with logon can achieve low-impact confidentiality, integrity, and availability results (partial DOS). Root cause cited is insufficient input valid...
CVE-2024-21104
The CVE-2024-21104 affects Oracle ZFS Storage Appliance Kit, Core component, v8.8. The issue stems from insufficient input validation in the Core, enabling a high-privilege attacker with logon access to compromise the kit (requires user interaction) and potentially take over the appliance. Exploi...
CVE-2024-21102
CVE-2024-21102 affects Oracle MySQL Server (component: Server: Thread Pooling). Affected versions are 8.0.36 and earlier, and 8.3.0 and earlier. The description states an easily exploitable vulnerability that, with network access via multiple protocols and a high-privilege attacker, can lead to a...
CVE-2024-21087
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
CVE-2024-21069
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2024-21062
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2024-21056
CVE-2024-21056 affects Oracle MySQL Server (Server: DML); supported versions 8.0.34 and prior are impacted. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent, complete denial of service of MySQL Server. CVSS 3.1 base score 4...
CVE-2024-21056
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
CVE-2024-21053
CVE-2024-21053 affects Oracle MySQL Server (component: Server: DML). Affected: MySQL 8.0.34 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server. Exploitation and impact details are docu...
CVE-2024-21051
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
CVE-2024-21052
CVE-2024-21052 affects Oracle MySQL Server (component: Server: DML). Affected: MySQL 8.0.34 and prior. The vulnerability could be exploited by a highly privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVS...
CVE-2024-21047
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2024-21045
CVE-2024-21045 affects Oracle E-Business Suite, specifically the LOV component in the Complex Maintenance, Repair, and Overhaul product. Affected: EBS versions 12.2.3–12.2.13. Root cause: insufficient input validation in LOV allows an unauthenticated attacker with network access via HTTP to compr...
CVE-2024-21040
CVE-2024-21040 affects Oracle E-Business Suite, specifically the LOV component in Oracle Complex Maintenance, Repair, and Overhaul (12.2.3–12.2.13). The issue allows an unauthenticated attacker with network access over HTTP to read and modify data, with human interaction required for exploitation...
CVE-2024-21031
The CVE-2024-21031 entry concerns Oracle E-Business Suite, Oracle Complex Maintenance, Repair, and Overhaul LOV component. Affected versions are 12.2.3–12.2.13. The issue allows an unauthenticated attacker with network access over HTTP to compromise data after user interaction, potentially enabli...
CVE-2024-21024
CVE-2024-21024 affects Oracle E-Business Suite, specifically the LOV component in Oracle Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The issue stems from insufficient input validation in LOV, allowing a remote, unauthenticated attacker with network access via ...
CVE-2024-21021
CVE-2024-21021 affects Oracle E-Business Suite, specifically the LOV component in the Complex Maintenance, Repair, and Overhaul module. Affected versions are 12.2.3–12.2.13. The vulnerability is exploitable over HTTP by an unauthenticated attacker and, though it requires user interaction, can lea...