
15242 matches found

F5 Networks
added 2024/04/25 5:58 p.m. | 34 views

K000139405: MySQL vulnerability CVE-2023-21950

Security Advisory Description: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

CVSS 4.9 | AI score 5.1 | EPSS 0.00987
Exploits: 0

Veracode
added 2024/04/24 6:55 a.m. | 34 views

Arbitrary Code Injection

mysql2 is vulnerable to Arbitrary Code Injection. The vulnerability is due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function. This allows an attacker to inject arbitrary code into the system...

CVSS 9.8 | AI score 7.1 | EPSS 0.01025
Exploits: 0 | References: 4 | Affected Software: 1

RedhatCVE
added 2024/04/23 9:6 a.m. | 28 views

CVE-2024-21087

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in...

CVSS 4.9 | AI score 5.9 | EPSS 0.00885
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:6 a.m. | 35 views

CVE-2024-21096

A flaw was found in the MySQL Server product of Oracle MySQL component: Client: mysqldump. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can resul...

CVSS 4.9 | AI score 5.5 | EPSS 0.00424
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:6 a.m. | 30 views

CVE-2024-21069

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DDL. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...

CVSS 4.9 | AI score 5.9 | EPSS 0.00834
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:5 a.m. | 30 views

CVE-2024-21062

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized...

CVSS 4.9 | AI score 5.9 | EPSS 0.00834
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:5 a.m. | 34 views

CVE-2024-21054

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized...

CVSS 4.9 | AI score 5.9 | EPSS 0.00962
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:5 a.m. | 27 views

CVE-2024-21008

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized...

CVSS 4.4 | AI score 5.6 | EPSS 0.00891
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:5 a.m. | 24 views

CVE-2024-21047

A flaw was found in the MySQL Server product of Oracle MySQL component: InnoDB. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to...

CVSS 4.9 | AI score 5.9 | EPSS 0.00928
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:5 a.m. | 25 views

CVE-2024-21009

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized...

CVSS 4.9 | AI score 5.9 | EPSS 0.01085
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/23 9:5 a.m. | 28 views

CVE-2024-20998

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized...

CVSS 4.9 | AI score 5.9 | EPSS 0.0097
Exploits: 0 | References: 4

NVD
added 2024/04/23 5:15 a.m. | 12 views

CVE-2024-21511

Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...

CVSS 9.8 | AI score 9.6 | EPSS 0.01025
Exploits: 0 | References: 4

OSV
added 2024/04/23 5:15 a.m. | 16 views

CVE-2024-21511

Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...

CVSS 9.8 | AI score 7.4
Exploits: 0 | References: 4

Cvelist
added 2024/04/23 5:0 a.m. | 18 views

CVE-2024-21511

Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...

CVSS 9.8 | AI score 9.8 | EPSS 0.01025
Exploits: 0 | References: 4

Vulnrichment
added 2024/04/23 5:0 a.m. | 12 views

CVE-2024-21511

Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the timezone parameter in the readCodeFor function by calling a native MySQL Server date/time function...

CVSS 9.8 | AI score 9.6 | EPSS 0.01025
Exploits: 0 | References: 4

NCSC
added 2024/04/19 12:0 a.m. | 11 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several MySQL products. A malicious party can exploit the vulnerabilities to execute attacks that can result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, access to sensitive data. Oracle has fixed the...

CVSS 7.5 | AI score 6.9 | EPSS 0.99999
Exploits: 20

RedhatCVE
added 2024/04/18 3:6 p.m. | 25 views

CVE-2024-21056

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...

CVSS 4.9 | AI score 6.2 | EPSS 0.00887
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/18 3:5 p.m. | 29 views

CVE-2024-21055

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized...

CVSS 4.9 | AI score 6.2 | EPSS 0.00887
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/18 3:5 p.m. | 30 views

CVE-2024-21053

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...

CVSS 4.9 | AI score 6.2 | EPSS 0.00962
Exploits: 0 | References: 4

RedhatCVE
added 2024/04/18 3:5 p.m. | 29 views

CVE-2024-21051

A flaw was found in the MySQL Server product of Oracle MySQL component: Server: DML. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability ...

CVSS 4.9 | AI score 6.2 | EPSS 0.00986
Exploits: 0 | References: 4