CVE-2023-21976
CVE-2023-21976 affects Oracle MySQL Server (component: Server: Optimizer) for MySQL 8.0.32 and earlier. An attacker with network access via multiple protocols can exploit this to cause a hang or crash (DoS). Remediation observed in connected docs includes upgrading to newer MySQL versions (e.g., ...
CVE-2023-21977
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2023-21964
CVE-2023-21964 affects Oracle WebLogic Server Core, with vulnerable versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. The issue allows unauthenticated network access via T3 to trigger a hang or full crash (DoS). Several connected sources (Oracle APR 2023 CPU advisory, Nessus plugin, PT-2023-2481) c...
CVE-2023-21953
CVE-2023-21953 affects Oracle MySQL Server, component Server: Partition, with affected versions 8.0.32 and prior. The connected materials confirm this is a vulnerability that an attacker with network access via multiple protocols could exploit to cause a hang or frequently repeatable crash (com...
CVE-2023-21946
CVE-2023-21946 affects Oracle MySQL Server, specifically the Server: Optimizer. Affected versions are 8.0.32 and earlier. The vulnerability can be exploited by a low-privilege attacker with network access via multiple protocols and can lead to a hang or frequently repeatable crash (complete DoS) ...
CVE-2023-21939
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable...
CVE-2023-21933
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
CVE-2023-21931
CVE-2023-21931 is a pre-auth, unauthenticated remote code execution vulnerability in Oracle WebLogic Server (Fusion Middleware) affecting Core, with affected versions 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. The public sources describe network access via T3 (and IIOP in related discussions) enabli...
CVE-2023-21919
CVE-2023-21919 affects Oracle MySQL Server (component: Server: DDL), with vulnerable versions 8.0.32 and earlier. The issue allows a high-privilege attacker who can reach the server over multiple protocols to cause a hang or crash (DoS), as reflected by the CVSS availability impact. Connected adv...
CVE-2023-21920
Summary: CVE-2023-21920 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.32 and earlier. Exploitable with network access via multiple protocols by a highly privileged attacker, leading to a hang or frequent crashes (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Impact: Avail...
CVE-2023-21920
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2023-21915
CVE-2023-21915 affects Oracle Banking Payments (Oracle Financial Services Applications), specifically the Book/Internal Transfer component, with affected versions 14.5–14.7. The vulnerability is described as insufficient input validation allowing a low-privilege, network-accessible attacker (via ...
CVE-2023-21913
CVE-2023-21913 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions up to 8.0.31. An attacker with network access and high privileges can cause a hang or complete DoS via multiple protocols. Public advisories indicate fixes in later MySQL 8.0.x releases (e.g., RHSA-2023:3087 n...
CVE-2023-21913
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
FANUC ROBOGUIDE-HandlingPRO
1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: ROBOGUIDE-HandlingPRO Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and/or overwrite files on the system running the affected...
CVE-2023-2130
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...
Mozilla: libwebp: Double-free in libwebp
The Mozilla Foundation Security Advisory describes this flaw as: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash...
Mozilla: Potential Memory Corruption following Garbage Collector compaction
The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...
Mozilla: Memory Corruption in Safe Browsing Code
The Mozilla Foundation Security Advisory describes this flaw as: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash...