971 matches found
CVE-2023-22059
This CVE (CVE-2023-22059) affects Oracle MySQL Server, specifically the Server: Optimizer component. The vulnerability is present in MySQL 8.0.34 and earlier and in 8.1.0, with a low-privilege, network-access attacker able to exploit via multiple protocols to cause a hang or frequently repeated c...
CVE-2018-3276
CVE-2018-3276 affects the Oracle MySQL Server component (subcomponent: Server: Memcached). Affected are MySQL versions 5.6.41 and prior, 5.7.23 and prior, and 8.0.12 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise the MySQL Se...
CVE-2021-2162
CVE-2021-2162 affects Oracle MySQL Server, specifically the Server: Audit Plug-in component. Affected versions are MySQL 5.7.33 and earlier and 8.0.23 and earlier. The vulnerability can be exploited by a low-privilege attacker with network access via multiple protocols to perform unauthorized upd...
CVE-2021-35642
CVE-2021-35642 affects Oracle MySQL Server (Server: Optimizer) with vulnerable 8.0.26 and earlier. Connected documents confirm the issue is exploitable over network and can cause a hang or DoS of MySQL Server. Remediation guidance in the sources indicates upgrading to an newer package version res...
CVE-2022-21633
CVE-2022-21633 is a Denial-of-Service vulnerability in Oracle MySQL Server (Server: Replication) affecting MySQL 8.0.30 and earlier. An attacker with network access via multiple protocols can cause the server to hang or crash. Remediation appears to be upgrading to MySQL 8.0.32 (per ALSA-2023:308...
CVE-2022-39400
CVE-2022-39400 affects Oracle MySQL Server (Server: Optimizer) and applies to MySQL 8.0.30 and earlier. The vulnerability can be exploited over the network by a user with high privileges, potentially causing the server to hang or crash (DoS). Public advisories indicate fixes in newer MySQL 8.0 re...
CVE-2018-3203
CVE-2018-3203 affects Oracle MySQL Server (Server: Optimizer). A vulnerability in the Server: Optimizer could be exploited by a low-privilege, network-accessible attacker to cause a hang or frequent, repeatable crashes (DoS). Affected are MySQL Server versions up to 8.0.12 and earlier. The initia...
CVE-2018-3212
CVE-2018-3212 affects Oracle MySQL Server, subcomponent Server: Information Schema. Affected versions are 8.0.12 and prior. An attacker with network access and high privileges can cause a denial of service via hang or crash of the MySQL Server. Connected Fedora notices indicate this CVE was fixed...
CVE-2021-35575
The CVE-2021-35575 vulnerability affects Oracle MySQL Server (component: Server: Optimizer) in affected versions 8.0.26 and earlier. An attacker with network access and high privileges can cause a hang or frequent crashes (DoS). Mitigation: upgrade to a fixed version (per ALSA-2022:7119, which no...
CVE-2022-39408
CVE-2022-39408 affects Oracle MySQL Server (Server: Optimizer) and targets the MySQL 8.0 line (8.0.30 and earlier). The vulnerability allows a low-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Public details in the provided docs conf...
CVE-2018-3247
CVE-2018-3247 affects Oracle MySQL Server, subcomponent Server: Merge. Affected versions are MySQL 5.6.41 and earlier, 5.7.23 and earlier, and 8.0.12 and earlier. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or frequent...
CVE-2019-2502
CVE-2019-2502 affects Oracle MySQL Server (InnoDB). Affected versions are 8.0.13 and earlier. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (DoS) of MySQL Server. The provided documents do not include e...
CVE-2021-35629
CVE-2021-35629 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.25 and earlier. Attackers with network access via multiple protocols and high privileges can cause a hang or frequent crashes (DoS) in MySQL Server. CVSS 3.1 base score 4.9 (Availability). Remediation: upgrade to ...
CVE-2021-35644
CVE-2021-35644 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.26 and earlier. Description notes a high-privilege attacker with network access via multiple protocols can cause a hang or crash (complete DOS) of MySQL Server. Exploitation and in‑the‑wild details are not provide...
CVE-2022-21297
CVE-2022-21297 affects Oracle MySQL Server (Server: Optimizer). Affected products/versions: MySQL 8.0.26 and earlier. Root cause described in public sources: vulnerability in the Server: Optimizer that can be triggered by network access via multiple protocols by a high-privileged attacker, leadin...
CVE-2022-21378
CVE-2022-21378 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.27 and prior. The vulnerability can be triggered by a high-privilege attacker with network access via multiple protocols, potentially causing a hang or frequent, repeatable crash (complete DoS) of...
CVE-2018-3067
CVE-2018-3067 pertains to Oracle MySQL Server, specifically the Server: Replication subcomponent. The vulnerability affects MySQL 8.0.11 and earlier and can be exploited by a highly privileged attacker with network access via multiple protocols, potentially causing a hang or a frequently occurrin...
CVE-2021-35612
CVE-2021-35612 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.26 and earlier. Description from multiple sources indicates a high-privilege network-exposed attacker could trigger a hang/crash (DoS) and unauthorized data updates via multiple protocols. Remediation cited in con...
CVE-2021-35647
CVE-2021-35647 affects Oracle MySQL Server (Server: Optimizer). Affected: 8.0.26 and earlier. Description: high-privilege attacker with network access via multiple protocols can cause a hang or crash (DoS) in MySQL Server. CVSS 3.1 base 4.9. Remediation: upgrade to a fixed release (e.g., 8.0.28+ ...
CVE-2022-21311
CVE-2022-21311 affects Oracle MySQL Cluster (Cluster: General) with vulnerable versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The issue, in MySQL Cluster, can allow a highly privileged attacker with access to the hardware’s physical communication segment to r...
CVE-2022-21362
CVE-2022-21362 affects Oracle MySQL Server (component: Server: Information Schema). Affected versions are 8.0.27 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause the MySQL Server to hang or crash, resulting in a complete/partial ...
CVE-2024-21054
CVE-2024-21054 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.36 and prior and 8.3.0 and prior. The vulnerability is exploitable over the network by a high-privilege attacker and can cause a hang or crash (complete DOS) of MySQL Server, with C...
CVE-2024-21069
CVE-2024-21069 affects Oracle MySQL Server (Server: DDL). Affected versions are 8.0.36 and prior and 8.3.0 and prior. The vulnerability can be triggered by a high-privileged attacker with network access via multiple protocols to cause a hang or frequent crash (DoS) of MySQL Server. No remediation...
CVE-2018-3062
CVE-2018-3062 affects Oracle MySQL Server (Memcached subcomponent). Affected versions are MySQL 5.6.40 and earlier, 5.7.22 and earlier, and 8.0.11 and earlier. The vulnerability can be exploited by a low-privileged attacker over the memcached network interface to cause the MySQL server to hang or...
CVE-2022-21339
The CVE-2022-21339 entry refers to a vulnerability in Oracle MySQL Server (component: Server: Optimizer) affecting MySQL 8.0.27 and prior. The root cause is unspecified in the provided description beyond the Optimizer impact, with an attacker that must have network access via multiple protocols a...
CVE-2022-21342
CVE-2022-21342 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions: 8.0.27 and earlier. Exploitation requires network access via multiple protocols by a high-privilege attacker and can cause the server to hang or crash, resulting in a complete DOS (CVSS v3.1 base 4.9). M...
CVE-2022-21365
CVE-2022-21365 is discussed across multiple connected advisories as affecting Oracle Java SE and GraalVM EE components (ImageIO, JAXP, Libraries, Hotspot) with affected Java versions including 7u321, 8u311, 11.0.13, 17.0.1 (and later 17.01 in some entries); GraalVM EE: 20.3.4 and 21.3.0. The desc...
CVE-2022-21482
CVE-2022-21482 affects Oracle MySQL Cluster (component: Cluster: General). Affected versions are 8.0.28 and earlier. The vulnerability is difficult to exploit and requires high privileges with access to the physical communication segment attached to the hardware where MySQL Cluster runs; user int...
CVE-2022-21611
CVE-2022-21611 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.30 and earlier. The vulnerability is described as a high-privilege, local issue that can lead to a hang or complete denial of service of MySQL Server. The available connected sources consistently map this CVE to InnoDB...
CVE-2021-35537
CVE-2021-35537 affects Oracle MySQL Server (MySQL Protocol, Server: DML) with vulnerable versions 8.0.25 and earlier. Descriptions consistently indicate an attacker with network access can cause a hang or crash (DoS). Remediation in connected docs points to upgrading to a newer MySQL package vers...
CVE-2021-35635
CVE-2021-35635 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.26 and earlier. Attack requires network access via multiple protocols and a highly privileged attacker could cause a hang or crash (DoS) of MySQL Server (availability impact). Remediation: upgrade to a fixed upstr...
CVE-2022-21349
CVE-2022-21349 is an Oracle Java SE/GraalVM Enterprise Edition vulnerability affecting multiple Java components (e.g., 2D, ImageIO, JAXP, Hotspot, Libraries) across affected releases. Public advisories show affected Java SE versions (e.g., 7u321, 8u311) and GraalVM EE releases (20.3.4, 21.3.0). E...
CVE-2022-21372
CVE-2022-21372 affects Oracle MySQL Server (MySQL) 8.0.27 and earlier, with vulnerable area in Server: Security: Encryption (and related input validation in the optimizer per CNVD/CNNVD). The result is a potential partial denial of service with network access via multiple protocols. Exploitation ...
CVE-2023-21962
CVE-2023-21962 affects Oracle MySQL Server (Server: Components Services). Affected: MySQL 8.0.32 and earlier. Attackers with network access via multiple protocols can exploit this to cause a hang or frequent crash (DOS). CVSS v3.1 base score 4.9 (Availability). The provided documents identify the...
CVE-2018-3145
CVE-2018-3145 affects Oracle MySQL Server (Server: Parser) with impact on availability. Affected: MySQL Server 8.0.12 and earlier; vulnerability allows a low-privilege, network-accessible attacker to trigger a hang or frequent crash (DoS) via multiple protocols. CVSS 3.0 base score 6.5 (AV:N/AC:L...
CVE-2020-14591
CVE-2020-14591 affects MySQL Server (Oracle MySQL) specifically the Server: Audit Plug-in. Affected versions are 8.0.20 and earlier. The vulnerability allows a low-privileged attacker who can reach MySQL over multiple network protocols to cause a hang or a frequently repeatable crash (a full avai...
CVE-2021-35626
CVE-2021-35626 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.26 and earlier. The vulnerability is exploitable by a high-privilege attacker over network via multiple protocols and can cause a hang or a frequent crash (complete DOS) of MySQL Server. The CVSS v3.1 base s...
CVE-2021-35630
CVE-2021-35630 affects Oracle MySQL Server 8.0.26 and earlier (component: Server: Options). The vulnerability allows a high-privilege attacker with network access via multiple protocols to perform unauthorized data creation, deletion, or modification. Remediation: upgrade to a newer MySQL 8.0 rel...
CVE-2022-21310
CVE-2022-21310 affects Oracle MySQL Cluster (Cluster: General). Affected versions are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability is exploitable with adjacent network access, but requires high privileges and user interaction; attacker must be phys...
CVE-2022-21635
CVE-2022-21635 affects Oracle MySQL Server (InnoDB) with vulnerable 8.0.29 and earlier. Root cause: InnoDB component allows high-privilege attacker with network access via multiple protocols to modify data or cause a DoS via hangs/crashes. Affected packages include MySQL Server; Debian/Mariner en...
CVE-2024-20994
CVE-2024-20994 affects Oracle MySQL Server, component Server: Information Schema. Affected versions are 8.0.36 and prior, and 8.3.0 and prior. The vulnerability allows a low-privilege, network-accessing attacker to cause a hang or complete DoS of MySQL Server. No exploitation details are provided...
CVE-2018-3137
CVE-2018-3137 : In Oracle MySQL, the MySQL Server component (Server: Optimizer) is affected. Affected versions are 8.0.12 and earlier. An attacker with network access via multiple protocols and low privileges can remotely cause the server to hang or crash (denial of service). CVSS v3.1 base score...
CVE-2021-35602
CVE-2021-35602 affects Oracle MySQL Server (Server: Options). Affected: MySQL 8.0.26 and earlier. Risk: high privileged attacker with network access via multiple protocols can cause a hang/complete DOS and may gain unauthorized data update/ deletion in accessible data. MITRE/ATT&CK not specified ...
CVE-2022-21599
CVE-2022-21599 affects Oracle MySQL Server (Stored Procedure) in 8.0.30 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to trigger a hang or crash of MySQL Server (DoS). Public advisories in the connected documents indicate this CVE is f...
CVE-2023-21945
CVE-2023-21945 affects the Oracle MySQL Server (component: Server: Optimizer). Affected: 8.0.32 and earlier. The issue enables a high-privilege attacker with network access to cause a hang or frequent crash (DoS) of MySQL Server. Impact documented as Availability loss (CVSS v3.1 base 4.9). Exploi...
CVE-2024-21004
CVE-2024-21004 affects Oracle Java SE (JavaFX) with affected versions Oracle Java SE: 8u401 and Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Root cause: vulnerability in the JavaFX deployment path that loads untrusted code. Impact: can lead to unauthorized update/insert/delete of data i...
CVE-2024-21013
CVE-2024-21013 affects Oracle MySQL Server (Server: Optimizer). Affected versions: 8.0.36 and prior, 8.3.0 and prior. Attack requires network access with high privileges; successful exploitation can cause a hang or crash (complete DoS) of MySQL Server. CVSS v3.1 base score 4.4 (Availability). No ...
CVE-2021-35643
CVE-2021-35643 affects Oracle MySQL Server (Server: Optimizer). Affected versions: 8.0.26 and earlier. An attacker with network access via multiple protocols and high privileges can trigger a hang or complete crash (DOS) of MySQL Server. Impact: Availability loss as described in the CVSS details....
CVE-2022-21296
CVE-2022-21296 affects Oracle Java SE (JAXP, Serialization, Libraries, 2D/Hotspot) and Oracle GraalVM Enterprise Edition. Affected Java SE versions: 7u321, 8u311, 11.0.13, 17.0.1; GraalVM EE: 20.3.4, 21.3.0. The issue allows unauthenticated, network-accessible exploitation that can lead to readin...
CVE-2022-21326
CVE-2022-21326 affects Oracle MySQL Cluster (component: Cluster: General). Affected versions include 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability is exploitable by a high-privilege attacker with access to the physical communication segment attached...