CVE-2019-2627

CVE-2019-2627 affects the MySQL Server component (Server: Security: Privileges). Public details show affected versions: 5.6.43 and prior, 5.7.25 and prior, and 8.0.15 and prior. The vulnerability is exploitable over network by a high-privilege attacker and can lead to a hang or crash (DoS) of MyS...

CVE-2019-2626

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2019-2628

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2019-2590

Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component of Oracle PeopleSoft Products subcomponent: Job Opening. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2019-2592

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: PS. Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2019-2585

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2019-2593

CVE-2019-2593 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.15 and earlier. The vulnerability is exploitable over the network by a highly privileged attacker and can cause a hang or crash (DoS) of MySQL Server (availability impact). Documented in multiple advisories (e.g., CentO...

CVE-2019-2592

CVE-2019-2592 is a vulnerability in Oracle MySQL Server (Server: PS) affecting 5.7.25 and earlier and 8.0.15 and earlier. It can be exploited remotely over multiple protocols by a high-privilege attacker to cause a hang or a complete DoS of MySQL Server. Public advisories from Red Hat, Rocky Linu...

CVE-2019-2606

CVE-2019-2606 is a vulnerability in the Oracle MySQL Server component (Server: Security: Privileges). Documents consistently define the affected scope as MySQL Server, with vulnerable versions listed as 8.0.15 and prior. The exploit scenario described is a high-privilege attacker with network acc...

CVE-2019-2581

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

CVE-2019-2583

CVE-2019-2583 affects Oracle E-Business Suite iSupplier Portal (Attachments) with affected versions 12.1.3, 12.2.3–12.2.8. The Red Hat/NVD entries confirm the vulnerability exists in Oracle iSupplier Portal; CVSSv3.0 base score 8.2 with high impact on confidentiality and partial integrity, requir...

CVE-2019-2551

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: Print Server. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker...

CVE-2019-2580

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2019-2516

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Grid Infrastructure User privilege with logon to the infrastructure...

CVE-2019-2517

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having DBFSROLE privilege with network access via Oracle Net to compromise Core RDBMS. While the...

CVE-2019-2517

CVE-2019-2517 affects Oracle Database Server’s Core RDBMS component (versions 12.2.0.1 and 18c). The vulnerability can be exploited remotely via Oracle Net by a high-privileged attacker with DBFS_ROLE to compromise the Core RDBMS, potentially taking over the component and impacting related produc...

CVE-2019-2516

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Grid Infrastructure User privilege with logon to the infrastructure...

CVE-2019-2602

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug...

CVE-2018-4006

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the writeConfig functionality. A non-root user is able to write a file anywhere on the system. A user with local access can use this vulnerability to raise their privileges to root. An attacker wou...