109 matches found
CVE-2022-21547
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
GHSA-QX3P-9MMP-4V8H Wildfly has a memory leak vulnerability
A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server...
undertow: potential security issue in flow control over HTTP/2 may lead to DOS
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability...
undertow: potential security issue in flow control over HTTP/2 may lead to DOS
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability...
undertow: potential security issue in flow control over HTTP/2 may lead to DOS
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability...
redis: Denial of service via Redis Standard Protocol (RESP) request
A flaw was found in redis. When parsing an incoming Redis Standard Protocol RESP request, redis allocates memory according to user-specified values, which determine the number of elements in the multi-bulk header and size of each element in the bulk header. This flaw allows an unauthenticated,...
CVE-2021-35596
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Error Handling. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
undertow: special character in query results in server errors
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability...
golang: data race in certain net/http servers including ReverseProxy can lead to DoS
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...
CVE-2021-2154
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
Oracle MySQL Server Input Validation Error Vulnerability (CNVD-2021-30877)
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in the Server: DML component of Oracle MySQL Server 8.0.23 and earlier. An attacker could exploit this vulnerability to affect availability...
wildfly: Potential Memory leak in Wildfly when using OpenTracing
A flaw was found in Wildfly. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability...
wildfly: Potential Memory leak in Wildfly when using OpenTracing
A flaw was found in Wildfly. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability...
CVE-2021-2122
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...
wildfly: Potential Memory leak in Wildfly when using OpenTracing
A flaw was found in Wildfly. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability...
wildfly: Potential Memory leak in Wildfly when using OpenTracing
A flaw was found in Wildfly. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability...
wildfly: Potential Memory leak in Wildfly when using OpenTracing
A flaw was found in Wildfly. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability...
golang: data race in certain net/http servers including ReverseProxy can lead to DoS
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability...
CVE-2020-27822
A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server...
CVE-2020-27822
CVE-2020-27822 affects WildFly versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. The underlying issue is a memory leak when applications use the OpenTracing API’s java-interceptors, with availability as the highest impact. NVD lists CVSSv3.1: 5.9 (Medium) and CVSS...