Lucene search
K
NetappOncommand Insight

971 matches found

CVE
CVE
added 2023/10/17 9:2 p.m.351 views

CVE-2023-22066

CVE-2023-22066 affects Oracle MySQL (InnoDB) with affected versions 8.0.34 and earlier and 8.1.0. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Public documentation in the connected sources corroborate...

4.9CVSS5.1AI score0.0094EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.350 views

CVE-2022-21253

CVE-2022-21253 affects Oracle MySQL Server (Server: Optimizer) with the 8.0.27 and earlier versions. The vulnerability allows a high-privilege attacker who can reach the server over network protocols to cause a hang or frequent, repeatable crash (complete DoS). The connected advisories indicate r...

6.8CVSS4.9AI score0.01976EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.349 views

CVE-2018-3056

CVE-2018-3056 affects Oracle MySQL Server: Security: Privileges. Affected versions are MySQL 5.7.22 and earlier and 8.0.11 and earlier. An attacker with network access via multiple protocols can cause unauthorized read access to a subset of MySQL data. Remediation identified in connected advisori...

4.3CVSS3.5AI score0.02541EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.349 views

CVE-2021-2203

CVE-2021-2203 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.23 and earlier. Description indicates an easily exploitable vulnerability that, with network access via multiple protocols, could allow a high-privilege attacker to cause a hang or frequent crashes of My...

4.9CVSS4.9AI score0.01319EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.349 views

CVE-2022-21254

CVE-2022-21254 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.27 and earlier. Description in the CVE notes that a low-privilege attacker with network access via multiple protocols can cause a hang or lengthy crash of MySQL Server (DoS). Connected documents corrobo...

6.3CVSS5.2AI score0.0169EPSS
CVE
CVE
added 2022/04/19 8:38 p.m.349 views

CVE-2022-21485

CVE-2022-21485 affects Oracle MySQL Cluster (Cluster: General). Affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior, and 8.0.28 and prior. The flaw, in the Cluster General component, allows a high-privilege attacker with access to the hardware’s physical communications segment to re...

2.9CVSS2.2AI score0.0175EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.349 views

CVE-2022-21594

CVE-2022-21594 — MySQL Server (Optimizer) Denial of Service . Affects MySQL 8.0.x up to 8.0.30 (including 8.0.30 and prior). The vulnerability resides in the Server: Optimizer component and can be exploited remotely over multiple protocols by a high-privilege attacker to cause the MySQL Server to...

4.9CVSS4.9AI score0.01161EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.348 views

CVE-2018-3144

CVE-2018-3144 affects Oracle MySQL Server: Security: Audit. Affected are MySQL Server versions 5.7.23 and earlier and 8.0.12 and earlier. The vulnerability can be exploited remotely with network access via multiple protocols by an unauthenticated attacker to cause a hang or crash (complete DOS). ...

5.9CVSS5.5AI score0.04445EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.348 views

CVE-2018-3187

CVE-2018-3187 affects Oracle MySQL Server (subcomponent: Server: Optimizer). Affected versions: 5.7.23 and earlier; 8.0.12 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or frequently reproducible crash (DoS) and may also gain unauthorized...

5.5CVSS5.5AI score0.02817EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.348 views

CVE-2018-3283

CVE-2018-3283 is mapped to Oracle MySQL Server: Logging vulnerability. Connected Red Hat entry RHSA-2018:3655 confirms affected components and notes that affected MySQL server components require a security update; remediation is provided via updated MySQL packages (e.g., for the RHSA advisory, up...

4.4CVSS4.5AI score0.02453EPSS
CVE
CVE
added 2021/10/20 10:49 a.m.348 views

CVE-2021-2481

CVE-2021-2481 affects Oracle MySQL Server (Server: Optimizer) on 8.0.26 and earlier. Vulnerability allows a low-privileged, network-access attacker to cause a hang or crash (DoS) via multiple protocols. A fix is available: upgrade to MySQL 8.0.30 (per AlmaLinux ALSA-2022-7119).

6.5CVSS6.2AI score0.02278EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.348 views

CVE-2021-35627

CVE-2021-35627 affects Oracle MySQL Server (Server: Optimizer) versions 8.0.26 and earlier. The vulnerability can be exploited by a high-privilege attacker who has network access via multiple protocols to cause a hang or crash (DoS) in MySQL Server. The base CVSS 3.1 score is 4.9 (Availability im...

4.9CVSS4.9AI score0.01774EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.348 views

CVE-2022-21293

CVE-2022-21293 affects Oracle Java SE (Libraries) and Oracle GraalVM Enterprise Edition as listed: Java SE 7u321, 8u311, 11.0.13, 17.0.1; GraalVM EE 20.3.4 and 21.3.0. The issue allows unauthenticated network-based exploitation via multiple protocols, potentially enabling a partial denial of serv...

5.3CVSS4.8AI score0.08346EPSS
CVE
CVE
added 2022/01/19 11:25 a.m.348 views

CVE-2022-21367

CVE-2022-21367 affects Oracle MySQL Server (Server: Compiling) with vulnerable versions 5.7.36 and earlier, and 8.0.27 and earlier. The vulnerability can allow a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) and may enable unauthorized update/in...

5.5CVSS5.4AI score0.01257EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.347 views

CVE-2018-3054

CVE-2018-3054 affects Oracle MySQL Server (subcomponent: Server: DDL). Affected are MySQL 5.7.22 and earlier and 8.0.11 and earlier. Exploitation can cause a high-privilege attacker to trigger a denial of service (hang/crash) in MySQL Server (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Remediation is t...

4.9CVSS4.8AI score0.03461EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.347 views

CVE-2019-2950

CVE-2019-2950 affects Oracle MySQL's MySQL Server (Server: Optimizer). Affected version: 8.0.16 and prior. The issue is a vulnerability in the Optimizer that, if exploited by a high-privilege attacker with network access via multiple protocols, can cause the MySQL Server to hang or crash (complet...

4.9CVSS4.8AI score0.03139EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.347 views

CVE-2020-14827

Summary of CVE-2020-14827 : A vulnerability in Oracle MySQL Server (Server: Security: LDAP Auth) affects MySQL 5.7.x up to 5.7.31 and MySQL 8.0.x up to 8.0.21. An attacker with low privileges who can reach the server over multiple network protocols can exploit this to gain unauthorized access to ...

6.5CVSS6.1AI score0.01562EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.347 views

CVE-2020-2593

CVE-2020-2593 affects multiple OpenJDK/JRE components across the Java SE/Embedded stack (Networking, Security, Serialization, 2D, JAXP, Libraries, etc.). Connected advisories enumerate affected versions including Java SE 7u231/7u241, 8u221/8u231, 11.0.4/11.0.5, and 13.0.1, with OpenJDK builds for...

5.8CVSS4.9AI score0.02984EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.347 views

CVE-2021-35622

CVE-2021-35622 affects Oracle MySQL Server (Server: Security: Encryption) and is exploitable over the network on affected builds. Affected: MySQL 8.0.26 and earlier. Impact: attacker with high privileges can cause a hang or a complete DoS of MySQL Server (Availability impact). Connected documents...

4.9CVSS4.9AI score0.01294EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.347 views

CVE-2022-21256

CVE-2022-21256 affects Oracle MySQL Server, specifically the Group Replication Plugin. Affected: MySQL Server versions 8.0.27 and earlier. Exploitation requires high privileges over the network via multiple protocols and can cause the server to hang or crash (complete DoS). Remediation: upgrade t...

6.8CVSS4.9AI score0.02031EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.347 views

CVE-2022-21270

CVE-2022-21270 pertains to MySQL Server (Oracle MySQL), specifically the Federated server component. Affected are MySQL Server versions 5.7.36 and earlier, and 8.0.27 and earlier. The vulnerability enables a high-privilege attacker who can access the server over multiple network protocols to caus...

4.9CVSS4.9AI score0.01856EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.347 views

CVE-2024-21102

CVE-2024-21102 affects Oracle MySQL Server (component: Server: Thread Pooling). Affected versions are 8.0.36 and earlier, and 8.3.0 and earlier. The description states an easily exploitable vulnerability that, with network access via multiple protocols and a high-privilege attacker, can lead to a...

4.9CVSS5.7AI score0.01107EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.346 views

CVE-2018-3065

CVE-2018-3065 affects Oracle MySQL Server (Server: DML) prior to 5.7.23/8.0.x with 5.7.22 and 8.0.11 as affected baselines. It is exploitable by a low-privilege, network-accessible attacker via multiple protocols, and can cause a hang or crash (DoS) of MySQL Server. Remediation per sources points...

6.5CVSS6.1AI score0.03683EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.346 views

CVE-2022-21324

CVE-2022-21324 affects Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The issue is described as a buffer-related vulnerability that could allow an attacker with access to the hardware’s physical commun...

2.9CVSS2.2AI score0.01443EPSS
CVE
CVE
added 2022/04/19 8:36 p.m.346 views

CVE-2022-21412

CVE-2022-21412 involves Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.28 and earlier. An attacker with network access and high privileges can cause the server to hang or crash (complete DOS). Public advisories confirm fixes in subsequent MySQL releases across distr...

4.9CVSS4.8AI score0.01456EPSS
CVE
CVE
added 2024/04/16 9:25 p.m.346 views

CVE-2024-21002

CVE-2024-21002 affects Oracle Java SE (JavaFX) and Oracle GraalVM Enterprise Edition. Affected: Oracle Java SE 8u401; Oracle GraalVM Enterprise Edition 20.3.13 and 21.3.9. Exploitation requires user interaction; an unauthenticated attacker with login could indirectly impact data via updates/inser...

2.5CVSS2.4AI score0.00354EPSS
CVE
CVE
added 2024/04/16 9:25 p.m.346 views

CVE-2024-21003

CVE-2024-21003 affects Oracle Java SE (JavaFX) and Oracle GraalVM Enterprise Edition. Affected: Oracle Java SE 8u401; GraalVM EE 20.3.13 and 21.3.9. Attack requires network access and user interaction; exploitation is difficult. Remediation is to apply the corresponding vendor fixes: Azul Zulu Op...

3.1CVSS2.5AI score0.00863EPSS
CVE
CVE
added 2021/03/03 5:37 p.m.345 views

CVE-2021-22884

CVE-2021-22884 affects Node.js runtimes prior to 10.24.0, 12.21.0, 14.16.0 and 15.10.0, where the DNS rebinding protection can be bypassed due to a whitelist entry for “localhost6”. If an attacker controls or spoofs the victim’s DNS responses, they can exploit the DNS rebinding weakness to connec...

7.5CVSS7.5AI score0.32362EPSS
CVE
CVE
added 2022/01/19 11:26 a.m.345 views

CVE-2022-21374

CVE-2022-21374 affects Oracle MySQL Server (component: Server: Information Schema). Connected sources indicate the root cause is an input validation error in the Server: Optimizer, enabling remote exploitation that could corrupt or delete data. Affected versions include 8.0.27 and earlier; remedi...

4.9CVSS4.9AI score0.01341EPSS
CVE
CVE
added 2022/07/19 9:6 p.m.345 views

CVE-2022-21455

CVE-2022-21455 affects Oracle MySQL Server PAM Auth Plugin in MySQL 8.0.28 and earlier. The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to compromise MySQL Server, potentially allowing unauthorized creation, deletion, or modification of critical da...

4.9CVSS4.7AI score0.00866EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.345 views

CVE-2022-21608

CVE-2022-21608 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected: MySQL 5.7.39 and earlier and 8.0.30 and earlier. Attack could be executed remotely with high privileges over multiple protocols, potentially causing the server to hang or crash (DoS). Public detail...

4.9CVSS4.8AI score0.01381EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.344 views

CVE-2021-35632

CVE-2021-35632 affects Oracle MySQL Server (Server: Data Dictionary). Affected: MySQL 8.0.26 and earlier. Description from the CVE notes an easily exploitable, local-privilege path that can cause a hang or complete DoS of MySQL Server. Connected documents corroborate that this CVE lies in the Dat...

4.4CVSS4.6AI score0.0039EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.343 views

CVE-2021-35637

CVE-2021-35637 affects Oracle MySQL Server (Server: PS) with affected versions 8.0.26 and earlier. The vulnerability is exploitable by a highly privileged attacker with network access via multiple protocols and can cause a hang or crash (DoS) of MySQL Server. Reported CVSS 3.1 base score is 4.9. ...

6.8CVSS4.9AI score0.01999EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.343 views

CVE-2022-21282

CVE-2022-21282 is a combined Java/Oracle Java SE/GraalVM issue reported across multiple advisories. The connected documents identify assorted affected components and versions, notably: Serialization , JAXP , Libraries , Hotspot , and ImageIO within Oracle Java SE and GraalVM Enterprise Edition. A...

5.3CVSS4.5AI score0.02877EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.343 views

CVE-2022-21302

CVE-2022-21302 affects MySQL Server (InnoDB) with affected version range 8.0.27 and earlier. The advisory indicates a low-privilege network-access vulnerability in InnoDB that can cause a hang or repeated crash (potential DOS). Observed mitigation in connected docs points to upgrading MySQL to 8....

5.3CVSS5.2AI score0.01544EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.343 views

CVE-2022-21434

CVE-2022-21434 affects Oracle Java SE and GraalVM Enterprise Edition. Connected advisories list multiple vulnerable components and affected versions: Oracle Java SE libraries and JAXP, as well as GraalVM EE components (Libraries, JAXP, Hotspot, 2D, ImageIO, etc.). Exploitation is described as net...

5.3CVSS5.3AI score0.02541EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.342 views

CVE-2021-35628

CVE-2021-35628 affects Oracle MySQL Server (Server: Optimizer) in versions 8.0.26 and earlier. A high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (DoS). The issue is associated with the Server: Optimizer component and is publicly catal...

4.9CVSS4.9AI score0.01883EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.342 views

CVE-2021-35631

The CVE-2021-35631 entry applies to Oracle MySQL Server (Server: GIS) with affected versions 8.0.26 and earlier. It describes a high-privilege attacker who can gain network access via multiple protocols to cause the MySQL server to hang or crash (complete DoS). The risk is supported by CVSS 3.1 v...

4.9CVSS4.9AI score0.01883EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.342 views

CVE-2022-21279

CVE-2022-21279 affects Oracle MySQL Cluster (Cluster: General) with vulnerable MySQL NDB Cluster components. Impacted versions include 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability is described in sources as an input validation error (and related re...

6.3CVSS5.6AI score0.78951EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.342 views

CVE-2022-21425

The CVE-2022-21425 issue affects Oracle MySQL Server (component: Server: DDL) with affected versions 8.0.28 and older. The vulnerability enables a high-privilege attacker who can reach MySQL Server over the network via multiple protocols to cause a hang or crash (denial of service) and potentiall...

5.5CVSS5.4AI score0.01257EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.342 views

CVE-2022-21617

CVE-2022-21617 affects Oracle MySQL Server, specifically the Server: Connection Handling component. Affected versions are MySQL 5.7.39 and earlier and 8.0.30 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or frequent, repeatable crashes (d...

4.9CVSS4.9AI score0.01369EPSS
CVE
CVE
added 2024/01/16 9:41 p.m.342 views

CVE-2024-20977

CVE-2024-20977 affects MySQL Server (Oracle MySQL), specifically the Server: Optimizer (and related Server components) with vulnerable versions 8.0.35 and earlier and 8.2.0 and earlier. The issue is exploitable over the network by a low-privileged attacker via multiple protocols, potentially caus...

6.5CVSS6.3AI score0.01057EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.341 views

CVE-2020-14869

CVE-2020-14869 affects Oracle MySQL Server, specifically the LDAP Authentication path in the Server component. Affects MySQL 5.7.x up to 5.7.31 and earlier, and 8.0.x up to 8.0.21 and earlier. An attacker with network access can exploit via multiple protocols to cause a hang or a frequently repea...

6.8CVSS5AI score0.0178EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.341 views

CVE-2021-35634

CVE-2021-35634 affects Oracle MySQL Server (Server: Optimizer) and is listed as affected in 8.0.26 and earlier. The vulnerability can allow a high-privilege attacker with network access via multiple protocols to cause a hang or complete DoS (A: high). Connected advisories indicate remediation by ...

4.9CVSS4.9AI score0.01883EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.341 views

CVE-2021-35638

CVE-2021-35638 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.26 and earlier. Exploitation by a high-privilege attacker with network access via multiple protocols can cause a hang or crash (DoS). Remediation in linked advisories shows upgrades to newer builds (e.g., MySQL 8....

6.8CVSS4.9AI score0.01945EPSS
CVE
CVE
added 2022/05/24 6:19 p.m.341 views

CVE-2021-3629

CVE-2021-3629 affects Undertow. The vulnerability is a flow-control handling issue over HTTP/2 that may cause overhead or a denial of service, impacting availability. Affected versions are Undertow prior to 2.0.40.Final and prior to 2.2.11.Final. Remediation: upgrade to Undertow 2.0.40.Final or 2...

5.9CVSS6AI score0.01175EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.341 views

CVE-2022-21264

CVE-2022-21264 affects Oracle MySQL Server, specifically the Server: Optimizer, with vulnerable versions 8.0.27 and prior. The issue enables a high-privilege attacker with network access (via multiple protocols) to cause a hang or frequent, repeatable crash (complete DoS) of MySQL Server. Affecte...

4.9CVSS4.9AI score0.01856EPSS
CVE
CVE
added 2022/01/19 11:25 a.m.341 views

CVE-2022-21351

CVE-2022-21351 affects Oracle MySQL Server (Server: Optimizer). Affected versions: 8.0.27 and prior. Root cause: input validation error in the Server: Optimizer component. Impact: can allow a low-privileged attacker with network access to cause a hang or a frequent crash (DoS) and unauthorized up...

7.1CVSS6.6AI score0.0127EPSS
CVE
CVE
added 2022/01/19 11:25 a.m.341 views

CVE-2022-21370

CVE-2022-21370 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions up to 8.0.27. Root cause cited as an input validation/optimizer issue that could enable a high-privilege, network-remote attacker to cause a hang or complete DOS of MySQL Server. Public references show fixes i...

4.9CVSS4.9AI score0.01379EPSS
CVE
CVE
added 2023/10/17 9:2 p.m.341 views

CVE-2023-22059

This CVE (CVE-2023-22059) affects Oracle MySQL Server, specifically the Server: Optimizer component. The vulnerability is present in MySQL 8.0.34 and earlier and in 8.1.0, with a low-privilege, network-access attacker able to exploit via multiple protocols to cause a hang or frequently repeated c...

6.5CVSS6.4AI score0.00969EPSS
Total number of security vulnerabilities971