Lucene search
K
NetappOncommand Insight

971 matches found

CVE
CVE
added 2022/01/19 11:24 a.m.310 views

CVE-2022-21315

The CVE-2022-21315 entry concerns Oracle MySQL Cluster (Cluster: General). Affected are MySQL Cluster versions 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. The vulnerability is exploitable by a high-privilege attacker who has access to the physical communica...

6.3CVSS5.6AI score0.02518EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.309 views

CVE-2018-3186

CVE-2018-3186 affects Oracle MySQL Server (Server: Optimizer) prior to or including 8.0.12. An attacker with high privileges and network access via multiple protocols can cause a hang or crash (DoS) in MySQL Server. The provided documents specify the vulnerable component and impact but do not inc...

4.9CVSS4.9AI score0.02108EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.309 views

CVE-2022-21307

CVE-2022-21307 affects Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability arises in MySQL Cluster and, per sources, can lead to takeover of the cluster and has a CVSS 3.1 base score of 6....

6.3CVSS5.6AI score0.02518EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.309 views

CVE-2024-21056

CVE-2024-21056 affects Oracle MySQL Server (Server: DML); supported versions 8.0.34 and prior are impacted. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent, complete denial of service of MySQL Server. CVSS 3.1 base score 4...

4.9CVSS4.7AI score0.00887EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.308 views

CVE-2024-21050

CVE-2024-21050 is a MySQL Server vulnerability (Oracle MySQL) in the Server: DML component. Affected versions are 8.0.34 and earlier. An attacker with network access and high privileges can cause the MySQL Server to hang or crash (complete DOS). The public details consistently describe the issue ...

4.9CVSS5.8AI score0.00986EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.308 views

CVE-2024-21055

CVE-2024-21055 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.35 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or a frequent, repeatable crash (complete DOS) of MySQL Server. The base...

4.9CVSS4.7AI score0.00887EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.307 views

CVE-2018-3182

CVE-2018-3182 affects the MySQL Server component (Server: DML). Affected versions are 8.0.12 and prior. An attacker with network access and low privileges via multiple protocols can cause the MySQL Server to hang or crash (DoS). CVSS 3.0 base score is 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Th...

6.5CVSS6.1AI score0.02189EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.306 views

CVE-2022-21286

CVE-2022-21286 affects Oracle MySQL Cluster (Cluster: General). Affected versions are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability can be exploited by a high-privilege attacker with access to the physical communication segment used by the MySQL Clu...

6.3CVSS5.6AI score0.02686EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.306 views

CVE-2022-21319

CVE-2022-21319 applies to Oracle MySQL Cluster (Cluster: General) and affects MySQL Cluster versions up to 8.0.27.x and earlier (also 7.x series). The vulnerability allows an attacker with access to the physical cluster network to read a subset of data and may enable partial DoS; exploitation req...

2.9CVSS2.2AI score0.01386EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.305 views

CVE-2022-21322

CVE-2022-21322 affects Oracle MySQL Cluster (component: Cluster: General). Affected are MySQL Cluster versions 8.0.27 and earlier. The vulnerability is described as high impact and difficult to exploit, requiring access to the physical network segment and user interaction, with potential takeover...

6.3CVSS5.6AI score0.02621EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.304 views

CVE-2018-2755

CVE-2018-2755 affects Oracle MySQL Server (Server: Replication) and is present in supported MySQL/MariaDB branches up to specific prior versions: 5.5.59 and earlier, 5.6.39 and earlier, and 5.7.21 and earlier. The issue allows takeover of MySQL Server and requires logon with user interaction; imp...

7.7CVSS6.6AI score0.00848EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.304 views

CVE-2022-21289

CVE-2022-21289 affects Oracle MySQL Cluster (Cluster: General). Affected versions: 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The issue is described as a vulnerability that, when exploited by a highly privileged attacker with access to the hardware’s physical comm...

6.3CVSS5.6AI score0.02686EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.303 views

CVE-2022-21290

CVE-2022-21290 affects Oracle MySQL Cluster (component: Cluster: General). Affected versions: 8.0.27 and earlier. The issue is exploitable by a high-privilege attacker with access to the physical communication segment attached to the hardware where MySQL Cluster runs, with exploitation requiring ...

6.3CVSS5.6AI score0.03068EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.303 views

CVE-2022-21320

The CVE-2022-21320 entry concerns Oracle MySQL Cluster (component: Cluster: General). Affected are versions 8.0.27 and earlier. The flaw allows takeover of MySQL Cluster and is described as difficult to exploit, requiring access to the hardware’s physical communication segment and human interacti...

6.3CVSS5.6AI score0.02686EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.302 views

CVE-2022-21308

CVE-2022-21308 affects Oracle MySQL Cluster (Cluster: General) with affected versions 8.0.27 and earlier. The vulnerability, which requires human interaction and local access to the hardware communication segment, can lead to takeover of MySQL Cluster. A fix exists: upgrade to MySQL package versi...

6.3CVSS5.6AI score0.02686EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.302 views

CVE-2022-21327

CVE-2022-21327 : Vulnerability in Oracle MySQL Cluster (Cluster: General). Affected versions: 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. Exploitation requires high privileges and access to the physical network segment; user interaction is required. Success...

6.3CVSS5.6AI score0.02795EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.301 views

CVE-2017-10355

CVE-2017-10355 is documented across multiple openJDK/OpenJDK-derived advisories (CentOS, Debian, Amazon, IBM, etc.) as a networking vulnerability in the FtpClient component of OpenJDK’s Java SE/Java SE Embedded. Technical details in connected sources specify that the FtpClient did not set default...

5.3CVSS5.3AI score0.16181EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.301 views

CVE-2023-21953

CVE-2023-21953 affects Oracle MySQL Server, component Server: Partition , with affected versions 8.0.32 and prior . The connected materials confirm this is a vulnerability that an attacker with network access via multiple protocols could exploit to cause a hang or frequently repeatable crash (com...

4.9CVSS5.2AI score0.01456EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.300 views

CVE-2022-21335

CVE-2022-21335 concerns Oracle MySQL Cluster (Cluster: General). Affected: MySQL Cluster versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The issue is described as difficult to exploit and requires high privileges with access to the physical communication segme...

6.3CVSS5.6AI score0.02621EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.299 views

CVE-2022-21284

The CVE-2022-21284 entry concerns Oracle MySQL Cluster (Cluster: General) with affected versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability allows a high-privilege attacker who has access to the physical network segment to compromise the MySQL Cl...

6.3CVSS5.6AI score0.02686EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.298 views

CVE-2018-2940

CVE-2018-2940 affects Oracle Java SE and Java SE Embedded Libraries. Affected: Java SE 6u191, 7u181, 8u172, 10.0.1; Java SE Embedded 8u171. Underlying issue in the Libraries component allows an unauthenticated, network-accessible attacker to read data from Java deployments that load untrusted cod...

4.3CVSS4.2AI score0.03146EPSS
CVE
CVE
added 2021/08/05 12:0 a.m.298 views

CVE-2021-22926

CVE-2021-22926 affects curl/libcurl where using CURLOPT_SSLCERT can be spoofed when libcurl uses macOS Secure Transport. A writable current working directory attacker can cause the app to select a file-based cert over a named cert, resulting in the wrong client certificate being sent in TLS hands...

7.5CVSS7.2AI score0.0982EPSS
CVE
CVE
added 2021/07/13 7:15 a.m.298 views

CVE-2021-35516

CVE-2021-35516 affects Apache Commons Compress (the sevenz package). A specially crafted 7Z archive can cause the library to allocate excessive memory, ultimately causing an out-of-memory condition and a denial-of-service on services that use Compress’ sevenz component. The initial description do...

7.5CVSS7.3AI score0.12697EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.298 views

CVE-2023-21929

CVE-2023-21929 affects Oracle MySQL Server (component: Server: DDL) in MySQL 8.0.32 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) and perform unauthorized data updates/inserts/deletes on accessible data. R...

5.5CVSS5.7AI score0.01272EPSS
CVE
CVE
added 2022/01/19 11:24 a.m.297 views

CVE-2022-21337

The CVE-2022-21337 entry concerns Oracle MySQL Cluster (Cluster: General). Affected are MySQL Cluster releases up to and including 7.4.34, 7.5.24, 7.6.20, and 8.0.27 (and prior). The vulnerability enables takeover of MySQL Cluster by a high-privilege attacker who has access to the physical commun...

6.3CVSS5.6AI score0.02621EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.295 views

CVE-2024-21053

CVE-2024-21053 affects Oracle MySQL Server (component: Server: DML). Affected: MySQL 8.0.34 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server. Exploitation and impact details are docu...

4.9CVSS5.8AI score0.00962EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.294 views

CVE-2020-2767

CVE-2020-2767 affects Oracle Java SE JSSE: vulnerable in Java SE 11.0.6 and 14 (client/server deployment). The vulnerability allows unauthenticated network access over HTTPS to modify or read Java SE data due to TLS/JSSE handling flaws, with potential for unauthorized updates, insertions, deletio...

5.8CVSS4.6AI score0.02108EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.294 views

CVE-2020-2778

CVE-2020-2778 affects Oracle Java SE JSSE (Java 11.0.6 and 14). It can be triggered over HTTPS by unauthenticated remote attackers, potentially enabling read access to a subset of Java SE data. The related connected advisories (e.g., CentOS/RH/OpenJDK tracking) describe the issue as an incomplete...

4.3CVSS3.7AI score0.02298EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.293 views

CVE-2018-2668

CVE-2018-2668 affects the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Affected: 5.5.58 and earlier; 5.6.38 and earlier; 5.7.20 and earlier. Description across sources: a low-privilege, network-accessible attacker can exploit via multiple protocols to cause a hang or ...

6.8CVSS6.3AI score0.03952EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.293 views

CVE-2020-2768

CVE-2020-2768 affects Oracle MySQL Cluster (Cluster: General) with vulnerable MySQL Cluster versions 7.3.28 and earlier, 7.4.27 and earlier, 7.5.17 and earlier, 7.6.13 and earlier, and 8.0.19 and earlier. The vulnerability can allow a low-privileged, network-accessing attacker to cause a hang or ...

6.3CVSS5.9AI score0.01301EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.291 views

CVE-2018-2813

CVE-2018-2813 is reported in the F5 AWS advisory as a MySQL Server (subcomponent: Server: DDL) vulnerability. Affected are Oracle MySQL/MariaDB lineage versions 5.5.59 and prior, 5.6.39 and prior, and 5.7.21 and prior. The issue: a low-privileged attacker with network access can compromise MySQL ...

4.3CVSS4.2AI score0.02568EPSS
CVE
CVE
added 2022/01/19 11:23 a.m.291 views

CVE-2022-21283

CVE-2022-21283 affects Oracle Java SE (Libraries) and GraalVM Enterprise Edition, with affected versions including Java SE 11.0.13 and 17.0.1, and GraalVM EE 20.3.4/21.3.0. The vulnerability allows unauthenticated network-based access and can cause a partial denial of service (A: PARTIAL) per CVS...

5.3CVSS4.8AI score0.03782EPSS
CVE
CVE
added 2020/09/19 3:45 a.m.290 views

CVE-2020-5421

CVE-2020-5421 affects Spring Framework releases across multiple lines (5.2.x to 5.0.x, 4.3.x and older). The issue arises from improper input handling of the jsessionid path parameter, which may bypass RFD Protection and weaken security controls. Affected products reference VMware Tanzu Spring Fr...

8.7CVSS7.2AI score0.10736EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.288 views

CVE-2023-21919

CVE-2023-21919 affects Oracle MySQL Server (component: Server: DDL), with vulnerable versions 8.0.32 and earlier. The issue allows a high-privilege attacker who can reach the server over multiple protocols to cause a hang or crash (DoS), as reflected by the CVSS availability impact. Connected adv...

4.9CVSS5.2AI score0.01456EPSS
CVE
CVE
added 2017/08/10 4:0 p.m.284 views

CVE-2016-5018

CVE-2016-5018 affects multiple Tomcat branches (9.0.0.M1–M9, 8.5.0–8.5.4, 8.0.0.RC1–8.0.36, 7.0.0–7.0.70, 6.0.0–6.0.45). The vulnerability allows a malicious web application to bypass a configured SecurityManager via a Tomcat utility method that is accessible to web applications, enabling bypass ...

9.1CVSS8.3AI score0.10303EPSS
CVE
CVE
added 2022/01/19 11:25 a.m.283 views

CVE-2022-21366

CVE-2022-21366 affects Oracle Java SE (ImageIO) and Oracle GraalVM Enterprise Edition. The Oracle advisory describes affected versions: Java SE 11.0.13 and 17.0.1; GraalVM EE 20.3.4 and 21.3.0. Exploitation could allow an unauthenticated network attacker to cause a partial denial of service or, d...

5.3CVSS4.7AI score0.03216EPSS
CVE
CVE
added 2021/01/19 4:27 p.m.281 views

CVE-2021-20190

CVE-2021-20190 is a Jackson Databind deserialization vulnerability involving the interaction between serialization gadgets and typing, present in Jackson Databind up to 2.9.10.7. The IBM bulletin for Cloudera Observability confirms this CVE as part of a collection and notes a fix in Cloudera Obse...

8.3CVSS7.6AI score0.07483EPSS
CVE
CVE
added 2022/08/26 12:0 a.m.279 views

CVE-2021-3859

CVE-2021-3859 corresponds to an Undertow flaw that triggers a client-side invocation timeout for certain HTTP/2 calls, enabling denial-of-service conditions. Connected advisories (e.g., RHSA-2024:10207) explicitly reference Undertow and cite the issue as the cause for DoS when HTTP2 client invoca...

7.5CVSS7.1AI score0.01287EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.277 views

CVE-2022-21277

CVE-2022-21277 affects Oracle Java SE and Oracle GraalVM Enterprise Edition via ImageIO, with additional related CVEs (CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21299, CVE-2022-21305, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CV...

5.3CVSS4.7AI score0.03091EPSS
CVE
CVE
added 2022/09/01 12:0 a.m.276 views

CVE-2022-2764

CVE-2022-2764 concerns Undertow. A DoS can occur because the Undertow server waits for LAST_CHUNK forever during EJB invocations, impacting availability (per CVSS vector: Network, Low access, High impact to availability). Public details in the provided documents specify the vulnerability as a DoS...

4.9CVSS5.1AI score0.00787EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.273 views

CVE-2023-21920

Summary: CVE-2023-21920 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.32 and earlier. Exploitable with network access via multiple protocols by a highly privileged attacker, leading to a hang or frequent crashes (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Impact: Avail...

4.9CVSS5.2AI score0.01456EPSS
CVE
CVE
added 2022/05/24 6:19 p.m.272 views

CVE-2021-3597

CVE-2021-3597 affects Undertow’s HTTP2SourceChannel and can cause DoS by failing to write the final frame. Affected products/versions include Undertow releases prior to 2.0.35.SP1, 2.2.6.SP1, 2.2.7.SP1, 2.0.36.SP1, 2.2.9.Final and 2.0.39.Final. The vulnerability is addressed in Red Hat JBoss EAP ...

5.9CVSS5.5AI score0.01061EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.269 views

CVE-2022-21271

CVE-2022-21271 is a vulnerability in Oracle Java SE and Oracle GraalVM Enterprise Edition (Libraries). Affected versions are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. The description states it is easily exploitable by an unauthenticated attacker ...

5.3CVSS4.6AI score0.02789EPSS
CVE
CVE
added 2024/01/16 9:41 p.m.268 views

CVE-2024-20975

CVE-2024-20975 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL Server versions 8.2.0 and earlier. Exploitation by a low-privileged attacker with network access via multiple protocols can cause a hang or repeated crash (DoS). CVSS 3.1 base score 6.5, Availability impact. The conne...

6.5CVSS6.1AI score0.00891EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.266 views

CVE-2018-2640

The CVE refers to CVE-2018-2640 in the MySQL/MariaDB family: the vulnerability is in the MySQL Server component (Server: Optimizer) and affects multiple supported branches (5.5.x, 5.6.x, 5.7.x) with ability for a network‑accessible, low‑privileged attacker to cause a hang or crash (DOS). Public a...

6.8CVSS6.3AI score0.03952EPSS
CVE
CVE
added 2021/06/11 3:49 p.m.265 views

CVE-2021-22901

CVE-2021-22901 affects curl/libcurl up to version 7.76.x for builds using OpenSSL. A use-after-free during TLS 1.3 session-ticket handling on a single connection can lead to remote code execution in rare cases. Impact is tied to memory access after freeing objects when a session ticket arrives on...

8.1CVSS8.2AI score0.60122EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.263 views

CVE-2017-10102

CVE-2017-10102 is a remotely exploitable issue in Oracle Java SE and Java SE Embedded (RMI subcomponent) affecting Java SE 6u151, 7u141, 8u131 and Java SE Embedded 8u131. A remote attacker could compromise the target via API data handling over network access, potentially taking over the Java runt...

9CVSS8.7AI score0.02971EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.263 views

CVE-2017-10345

CVE-2017-10345 affects Oracle Java SE/Embedded/JRockit serialization. The vulnerability allows an unauthenticated attacker with network access to compromise the target, potentially causing a partial denial of service; exploitation is difficult and may require human interaction. Affected versions ...

3.1CVSS4.2AI score0.02442EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.262 views

CVE-2018-2817

CVE-2018-2817 affects the MySQL/MariaDB server stack (MySQL Server component; subcomponents such as DDL/InnoDB/Optimizer) across multiple product lines. Affected versions include MySQL/MariaDB releases prior to upstream fixes (e.g., 5.5.x, 5.6.x, 5.7.x families as cited in the documents). Impact ...

6.5CVSS6AI score0.03171EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.261 views

CVE-2017-10115

CVE-2017-10115 is a covert timing-channel vulnerability in the DSA implementation of the JCE in OpenJDK/OpenJRE/JRockit, affecting Java SE 6u151, 7u141, 8u131 and related packages (e.g., OpenJDK 7 on Debian/Ubuntu, RHEL/CentOS, Arch Linux advisories). A remote attacker could potentially exploit t...

7.5CVSS7.2AI score0.02737EPSS
Total number of security vulnerabilities971