OPENSUSE-SU-2024:0384-1 Security update for zabbix

This update for zabbix fixes the following issues: Zabbix was updated to 6.0.33: - this version fixes CVE-2024-36461 and CVE-2024-22114 - New Features and Improvements + ZBXNEXT-9000 Changed query table for ASM disk group metrics in Oracle Database plugin and Oracle by ODBC template Agent Templat...

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow attackers to cause service interruptions.

Vulnerability of the Server component: The DDL system for managing databases in Oracle MySQL Server has vulnerabilities related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to cause service interruptions using the MySQL protocol...

Vulnerability of the Cluster component: General database management systems like MySQL Cluster and their components; FTS database management system like Oracle MySQL Server, which allows attackers to cause service interruptions.

Vulnerability of the Cluster component: General database management systems like MySQL Cluster and their components like the Server component: The Oracle MySQL Server component exists due to incorrect validation of input data in these components. Exploiting this vulnerability can allow an attacke...

The vulnerability of the Java VM component of the Oracle Database Server system allows a hacker to trigger a service failure.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures using the Oracle Net protocol...

The vulnerability of the Oracle Database RDBMS Security component of the Oracle Database Server system allows a perpetrator to gain full control over the system.

The vulnerability of the Oracle Database RDBMS Security component of the Oracle Database Server lies in errors during privilege management. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full control over the system using the Oracle Net protocol...

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system allows a hacker to gain unauthorized access for reading, creating, modifying, and deleting data, or to cause service failures.

The vulnerability of the InnoDB component in the Oracle MySQL Server database management system is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access for reading, creating, modifying, and deleting data, or to caus...

The vulnerability of the Java VM component of the Oracle Database Server allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient protection of operational data due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...

The vulnerability of the Database Core Component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to read, modify, or delete data.

The vulnerability of the Database Core Component of the Oracle Database Server management system is related to improper authentication. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data...

Vulnerability of Oracle MySQL Server’s Server: Optimizer and Cluster: General components of the database management system, allowing attackers to cause service interruptions.

Vulnerability of Server: Optimizer and Cluster: General components of the Oracle MySQL Server database management system is related to improper cleaning or release of resources. Exploiting this vulnerability may allow a malicious actor to cause service interruptions remotely...

CVE-2024-21251

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net t...

CVE-2024-21242

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML...

CVE-2024-21233

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

CVE-2024-21251

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net t...

CVE-2024-21251

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net t...

CVE-2024-21242

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML...

CVE-2024-21242

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML...

CVE-2024-21233

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

CVE-2024-21233

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

CVE-2024-21242

Oracle Database Server – XML Database : The XML Database component has errors in resource release that affect 19.3–19.24, 21.3–21.15, and 23.4–23.5. It is remotely exploitable via HTTP with low privileges and requires user interaction, potentially causing a partial DoS of the XML Database. Remedi...

CVE-2024-21233

Oracle Database Server Core vulnerability CVE-2024-21233 affects Core in Oracle Database Server versions 19.3–19.24, 21.3–21.15, and 23.4–23.5. The flaw stems from improper authorization in the Database Core Component, enabling a low-privileged attacker with Create Session privilege and network a...