EUVD-2022-2076

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-30706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit...

Linux Distros Unpatched Vulnerability : CVE-2023-22102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.1.0 and prior. Difficult to...

ROS-20250806-04

Vulnerability of the Connector/J subcomponent of the MySQL Connectors driver of the Oracle database management system MySQL is related to insufficient access control. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain unauthorized access to protected data...

CVE-2022-44644

In Apache Linkis =1.3.0 when used with the MySQL Connector/J in the data source module, an authenticated attacker could read arbitrary local files by connecting a rogue MySQL server, By adding allowLoadLocalInfile to true in the JDBC parameter. Therefore, the parameters in the JDBC URL should be...

CVE-2025-30706

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attac...

RHEL 6 : mysql-connector-java (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mysql-connector-java: Connector/J unspecified vulnerability CPU October 2018 CVE-2018-3258 -...

Security Bulletin: IBM Event Processing is vulnerable to high confidentiality, integrity and availability impacts (CVE-2023-22102).

Summary MySQL Connector/J versions used by IBM Event Processing are susceptible to a difficult to exploit vulnerability that could allow an unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a perso...

OESA-2024-1103 mysql-connector-java security update

Official JDBC driver for MySQL. Security Fixes: Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

...

ai.koog:agents-features-sql-jvm (>=0.4.2 <=0.5.4), app.cash.backfila:client-misk-hibernate (>=2023.12.01.210510-f61f157 <=2024.06.21.153703-27e31a9) +1215 more potentially affected by CVE-2023-22102 via com.mysql:mysql-connector-j (>=8.0.31 <=8.1.0)

com.mysql:mysql-connector-j MAVEN version =8.0.31, =0.4.2, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2.0.0, =6.6.0, =6.6.0, =2.5.0, =1.5.12, =1.6.8.1, =1.6.9.1, =1.6.8.1, =1.1.0, =1.1.2 and more Source cves: CVE-2023-22102 Source advisory:...

Exploit for CVE-2023-21971

CVE-2023-21971 Connector/J RCE Analysis References Remot...

K000134573: MySQL vulnerability CVE-2023-21971

Security Advisory Description Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

Medium: mysql-connector-java

Issue Overview: Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

CVE-2023-21971

Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

GHSA-H6W8-52MQ-4QXC Apache Linkis contains Deserialization of Untrusted Data

In Apache Linkis =1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameter...

Apache Linkis vulnerable to Exposure of Sensitive Information

In Apache Linkis =1.3.0 when used with the MySQL Connector/J, an authenticated attacker could read arbitrary local file by connecting a rogue mysql server, By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore, the parameters in the jdbc url should be blacklisted. Versions of...

GHSA-RX76-XW35-6RH8 Apache Linkis vulnerable to Exposure of Sensitive Information

In Apache Linkis =1.3.0 when used with the MySQL Connector/J, an authenticated attacker could read arbitrary local file by connecting a rogue mysql server, By adding allowLoadLocalInfile to true in the jdbc parameter. Therefore, the parameters in the jdbc url should be blacklisted. Versions of...

Apache Linkis contains Deserialization of Untrusted Data

In Apache Linkis =1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameter...

CVE-2022-44645

In Apache Linkis =1.3.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures new datasource with a MySQL data source and malicious parameters. Therefore, the parameter...