971 matches found
CVE-2024-21008
CVE-2024-21008 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL Server versions 8.0.36 and prior, and 8.3.0 and prior. Attackers with network access via multiple protocols and high privileges can cause a hang or a crash (DoS). The information in connected sources corroborates the ...
CVE-2024-21060
CVE-2024-21060 affects Oracle MySQL Server (Server: Data Dictionary). Affected versions: 8.0.36 and prior, 8.3.0 and prior. An attacker with high privileges and network access via multiple protocols can cause a hang or frequent crash (DoS). The vulnerability is described as easily exploitable. Pu...
CVE-2018-3286
CVE-2018-3286 affects Oracle MySQL Server (Server: Security: Privileges). Affected: MySQL 8.0.12 and earlier. Description from multiple sources: vulnerability allows a low-privileged, network-accessing attacker to modify data in MySQL Server through various protocols, with impact described as una...
CVE-2021-35640
CVE-2021-35640 affects Oracle MySQL Server (component: Server: DDL). Affected: MySQL 8.0.26 and earlier. Attack scenario: high-privilege attacker with network access via multiple protocols can exploit the flaw to perform unauthorized updates/inserts/deletes on some MySQL data. Impact per CVE desc...
CVE-2022-21360
CVE-2022-21360 affects Oracle Java SE and Oracle GraalVM Enterprise Edition (ImageIO component). Affected: Oracle Java SE 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition 20.3.4 and 21.3.0. Description: an easily exploitable, unauthenticated remote vulnerability could allow partia...
CVE-2022-21483
CVE-2022-21483 affects Oracle MySQL Cluster (component: Cluster: General). Affected versions include 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior, and 8.0.28 and prior. The vulnerability allows a high-privilege attacker with access to the physical communication segment to compromise MySQL...
CVE-2023-21935
CVE-2023-21935 affects Oracle MySQL Server (Server: Optimizer) in 8.0.32 and earlier; exploit leads to high-privilege remote denial of service (hangs/crashes). Mitigation is upgrading to a patched MySQL 8.0.x release (vendor advisories and distro updates list 8.0.33+ and newer, e.g., Fedora/AlmaL...
CVE-2024-20993
CVE-2024-20993 affects Oracle MySQL Server, specifically the Optimizer component. Affected versions are MySQL 8.0.35 and earlier and 8.2.0 and earlier. The vulnerability is exploitable by an attacker with network access via multiple protocols and is described as capable of causing a hang or a fre...
CVE-2018-3066
CVE-2018-3066 affects the MySQL Server component (subcomponent: Server: Options) and is disclosed across multiple advisories. Affected versions include 5.5.60 and earlier, 5.6.40 and earlier, and 5.7.22 and earlier. The vulnerability is described as difficult to exploit, requiring network access ...
CVE-2018-3080
CVE-2018-3080 : Oracle MySQL Server (DDL subcomponent) is affected in 8.0.11 and earlier. The vulnerability, described as a server-side issue in the DDL path, can be exploited by a highly privileged attacker with network access via multiple protocols to trigger a hang or crash of MySQL Server, re...
CVE-2020-2816
CVE-2020-2816 affects Oracle Java SE JSSE in Java SE 11.0.6 and 14. The vulnerability allows an unauthenticated attacker with network access via HTTPS to compromise Java SE, potentially enabling unauthorized creation, deletion, or modification of data in Java SE‑accessible data. The description n...
CVE-2021-35607
CVE-2021-35607 affects Oracle MySQL Server (Server: DML) with affected versions 8.0.26 and earlier. The vulnerability allows a low-privileged, network-access attacker via multiple protocols to cause a hang or a frequent crash (DoS) of MySQL Server (CVSS v3.1 base 6.5). Connected sources indicate ...
CVE-2021-35633
CVE-2021-35633 affects Oracle MySQL Server (component: Server: Logging). Affected versions are 8.0.26 and earlier. The vulnerability allows a high-privileged attacker with network access through multiple protocols to cause a partial denial of service on MySQL Server. The CVSSv3.1 Base Score is 2....
CVE-2022-21280
The CVE-2022-21280 entry refers to Oracle MySQL Cluster (Component: Cluster: General). Affected versions are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability is described as difficult to exploit, requiring access to the physical communication segment a...
CVE-2022-21323
CVE-2022-21323 affects Oracle MySQL Cluster (Cluster: General). Affected: MySQL Cluster products prior to 7.5.24, 7.6.20, and 8.0.27. The issue allows a high-privilege attacker with access to the physical communication segment to compromise the cluster, enabling unauthorized read access to a subs...
CVE-2022-21357
CVE-2022-21357 affects Oracle MySQL Cluster (Cluster: General). Affected: 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, 8.0.27 and prior. Reported impact: unauthorized read of a subset of MySQL Cluster data and partial denial of service. Exploitation details vary by source, but public rec...
CVE-2024-20922
CVE-2024-20922 affects Oracle Java SE (JavaFX) and Oracle GraalVM Enterprise Edition, with affected Oracle Java SE: 8u391 and Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. The vulnerability is described as difficult to exploit and requires a logged-on user, with potential unauthorized up...
CVE-2024-20932
CVE-2024-20932 affects Oracle Java SE and GraalVM offerings (Java SE 17.0.9; GraalVM for JDK 17.0.9; GraalVM Enterprise 21.3.8, 22.3.4) in the Security component. The vulnerability allows unauthenticated, network-exposed attackers to modify or view data in affected deployments, with CVSS 3.1 metr...
CVE-2022-21355
CVE-2022-21355 affects Oracle MySQL Cluster (Cluster: General). Public sources enumerate affected versions: 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. Several connected documents describe this as a buffer overflow vulnerability in MySQL Cluster, with the potential...
CVE-2022-21600
CVE-2022-21600 affects Oracle MySQL Server (Server: Optimizer). Affected: 8.0.27 and earlier. Exploitation by a high-privilege attacker with network access via multiple protocols can lead to takeover of the MySQL Server. CVSS v3.1 base score 7.2 (C/H I/H A/H). Remediation per advisory sources inc...
CVE-2024-21051
CVE-2024-21051 concerns Oracle MySQL Server (component: Server: DML). Affected are 8.0.34 and earlier. The vulnerability is exploitable by an attacker with network access through multiple protocols and can lead to a hang or frequently repeatable crash (complete DoS) of MySQL Server. The CVSSv3.1 ...
CVE-2018-2973
CVE-2018-2973 is an Oracle Java SE/JSSE vulnerability affecting Java SE: 6u191, 7u181, 8u172, 10.0.1 and Java SE Embedded: 8u171. It can be exploited over the network with SSL/TLS by an unauthenticated attacker to cause unauthorized data modifications (integrity impact). Affected deployments load...
CVE-2018-3073
CVE-2018-3073 affects Oracle MySQL Server (Server: Optimizer). Affected are MySQL 8.0.11 and earlier. The vulnerability could be exploited by a low-privilege, network-authenticated attacker via multiple protocols to cause a hang or frequent crash of MySQL Server (denial of service, high Availabil...
CVE-2018-3078
CVE-2018-3078 affects Oracle MySQL Server (Server: DDL) with affected versions 8.0.11 and earlier. The vulnerability can be exploited by a high-privilege attacker who can access the server over multiple network protocols to cause the MySQL Server to hang or crash (complete DoS). If exploiting det...
CVE-2021-35517
CVE-2021-35517 affects Apache Commons Compress tar handling. The vulnerability, triggered by reading a specially crafted TAR archive, can cause Compress to allocate excessive memory, potentially leading to an out-of-memory condition and a denial-of-service against services using Compress’ tar pac...
CVE-2022-21334
CVE-2022-21334 affects Oracle MySQL Cluster (Cluster: General) with affected versions 8.0.27 and earlier. The vulnerability is described as potentially leading to takeover of MySQL Cluster with a requirement for user interaction and access to the physical communication segment, and it is characte...
CVE-2022-21356
The CVE-2022-21356 entry concerns Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. The vulnerability appears to allow a high-privilege attacker with access to the physical communication segment t...
CVE-2018-3082
CVE-2018-3082 affects Oracle MySQL’s MySQL Server component, specifically the Server: DDL subcomponent. Affected are MySQL 8.0.11 and earlier. An attacker with network access via multiple protocols and high privileges can read a subset of MySQL Server data due to the vulnerability. The issue is a...
CVE-2018-3170
CVE-2018-3170 affects Oracle MySQL Server (Server: DDL). Affected: MySQL 8.0.12 and earlier. Description from multiple sources confirms a high-privilege attacker with network access via multiple protocols can cause a hang or complete denial of service (DOS) on MySQL Server. Several connected advi...
CVE-2024-21049
CVE-2024-21049 affects Oracle MySQL Server (Server: DML). Affected: MySQL Server 8.0.34 and earlier. Attackers with network access via multiple protocols and with high privileges can cause a hang or frequent crash (DoS). Public details in connected docs confirm the vulnerability class and impact;...
CVE-2018-3279
CVE-2018-3279 affects Oracle MySQL Server (subcomponent: Server: Security: Roles). Affected versions are 8.0.12 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent crash (DoS) of MySQL Server. CVSS 3.0 base score ...
CVE-2022-21312
CVE-2022-21312 affects the MySQL Cluster component of Oracle MySQL. Affected versions are 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. The vulnerability can be exploited by a highly privileged attacker with access to the physical network segment attached to ...
CVE-2022-21314
The CVE-2022-21314 entry concerns Oracle MySQL Cluster (component: Cluster: General). Affected versions are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability allows a highly privileged attacker with access to the hardware’s physical communication segmen...
CVE-2024-20971
CVE-2024-20971 affects Oracle MySQL Server (component: Server: Optimizer) and related Server areas. Affected: MySQL 8.0.35 and earlier and 8.2.0 and earlier. Impact: high-level attacker with network access via multiple protocols can cause a hang or repeated crashes (complete DOS) of MySQL Server....
CVE-2018-2767
CVE-2018-2767 affects Oracle MySQL Server (subcomponent: Server: Security: Encryption). Affected are MySQL Server versions 5.5.60 and earlier, 5.6.40 and earlier, and 5.7.22 and earlier. The vulnerability allows a low-privilege attacker who can reach the server over multiple network protocols to ...
CVE-2024-21061
CVE-2024-21061 affects Oracle MySQL’s server-side Audit Plug-in in MySQL Server. Affected versions are 8.0.35 and earlier and 8.2.0 and earlier. The vulnerability enables a high-privilege attacker who can reach the server over network protocols to cause a hang or frequently repeatable crash (comp...
CVE-2018-3195
CVE-2018-3195 affects Oracle MySQL Server, specifically the Server: DDL subcomponent. The connected advisory for this CVE confirms affected versions are 8.0.12 and prior. The vulnerability can be exploited by a high-privileged attacker who can access the server over multiple network protocols, an...
CVE-2023-21911
CVE-2023-21911 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.32 and earlier. The advisory states the issue allows a high-privilege attacker, over the network via multiple protocols, to cause a hang or crash (complete DoS) of MySQL Server. Exploitation details are not provided ...
CVE-2024-20967
CVE-2024-20967 affects Oracle MySQL Server (Server: Replication). Affected: MySQL 8.0.35 and prior, 8.2.0 and prior. Attackers with network access via multiple protocols and with high privileges can cause a complete DOS (hang/crash) and unauthorized data updates/deletes. CVSSv3.1: AV:N/AC:L/PR:H/...
CVE-2022-21309
The CVE-2022-21309 entry concerns Oracle MySQL Cluster (Cluster: General). Affected are MySQL Cluster versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability is exploitable only by a high-privilege attacker with access to the hardware’s physical comm...
CVE-2018-2938
CVE-2018-2938 concerns a vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Affected versions are Java SE: 6u191, 7u181, and 8u172. The vulnerability is described as difficult to exploit but capable of allowing an unauthenticated attacker with network access via mul...
CVE-2022-21285
CVE-2022-21285 affects Oracle MySQL Cluster (Cluster: General) for MySQL Cluster: vulnerable in versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. Root cause details are not explicitly stated in the provided documents beyond the vulnerability description. The vul...
CVE-2022-21287
CVE-2022-21287 affects Oracle MySQL Cluster (Cluster: General). Affected versions: 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, 8.0.27 and prior. The issue can allow takeover of MySQL Cluster and is described as high impact to confidentiality, integrity, and availability. Exploitation co...
CVE-2022-21329
The CVE-2022-21329 entry concerns Oracle MySQL Cluster (component: Cluster: General). Affected versions are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability allows a high-privilege attacker with access to the hardware’s physical communication segment t...
CVE-2022-21332
CVE-2022-21332 affects Oracle MySQL Cluster (Cluster: General). Affected versions: 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, 8.0.27 and prior. The vulnerability allows a high-privilege attacker with access to the hardware’s physical communication segment to takeover the MySQL Cluster,...
CVE-2022-21333
CVE-2022-21333 is a vulnerability in Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. The connected sources describe a buffer overflow in Oracle MySQL Cluster that can allow a high-privilege atta...
CVE-2023-21947
CVE-2023-21947 affects Oracle MySQL Server (component: Server: Components Services) version 8.0.32 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or a frequent, repeatable crash (complete DoS) of MySQL Server. The descrip...
CVE-2024-20983
CVE-2024-20983 affects MySQL Server (Oracle MySQL), specifically the Server: DML component. Affected versions are 8.0.34 and earlier. The vulnerability can be exploited by a highly privileged attacker who has network access via multiple protocols, enabling a denial of service (hang or repeated cr...
CVE-2022-21288
CVE-2022-21288 affects Oracle MySQL Cluster (Cluster: General). Affected versions: 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. Root cause details are not fully specified in the provided documents, but the impact is a takeover of MySQL Cluster with high privileges, ...
CVE-2022-21313
CVE-2022-21313 concerns the Oracle MySQL Cluster component (Cluster: General). The vulnerability affects MySQL Cluster in versions 7.6.20 and earlier and 8.0.27 and earlier. It is described as allowing a high-privilege attacker with access to the hardware’s physical communication segment to obtai...