971 matches found
CVE-2021-26296
CVE-2021-26296 affects Apache MyFaces CSRF in WebSphere Application Server family (WAS) and Liberty. IBM bulletins detail vulnerability as cross-site request forgery due to improper input validation, enabling unauthorized actions if an authenticated user visits a malicious site. Affected products...
CVE-2022-21444
CVE-2022-21444 affects Oracle MySQL Server (component: Server: DDL). Affected versions are MySQL 5.7.37 and earlier, and 8.0.28 and earlier. Attackers with network access via multiple protocols can cause a hang or frequent crashes (DoS) of MySQL Server. Several connected advisories indicate remed...
CVE-2022-21534
CVE-2022-21534 affects Oracle MySQL Server (Server: Stored Procedure). Affected versions are 8.0.29 and earlier. Exploitation requires network access via multiple protocols by a high-privilege attacker and can cause the MySQL Server to hang or crash (complete DOS). Remediation: upgrade to MySQL 8...
CVE-2021-2383
CVE-2021-2383 affects MySQL Server (Oracle MySQL) in the Server: Optimizer component. Affected versions: 8.0.25 and prior. Description in the sources indicates an easily exploitable remote attack with network access via multiple protocols, potentially leading to a hang or a frequent crash (comple...
CVE-2021-2437
CVE-2021-2437 affects Oracle MySQL Server (component: Server: Optimizer). The vulnerability is present in MySQL Server versions 8.0.25 and earlier. It is exploitable by a high-privilege attacker who has network access via multiple protocols, potentially leading to a hang or a frequently repeatabl...
CVE-2021-2444
CVE-2021-2444 is a MySQL Server (Oracle MySQL) vulnerability affecting the Server: Optimizer. Affected versions are 8.0.23 and prior. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or a complete denial of service on MySQL Server. The...
CVE-2018-2782
CVE-2018-2782 is a vulnerability in the MySQL Server component (InnoDB). Affected versions are MySQL 5.6.39 and earlier and 5.7.21 and earlier. The issue allows a low-privileged, remote attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (partial/complet...
CVE-2021-2402
CVE-2021-2402 affects Oracle MySQL Server (component: Server: Locking); vulnerable in 8.0.25 and earlier. Description from connected advisories indicates an easily exploitable network-accessible issue that can cause a hang or crash (DoS) of MySQL Server with high privileges. Remediation is to app...
CVE-2023-22048
CVE-2023-22048 is a MySQL Server vulnerability in the Server: Pluggable Auth component. Affected versions are 8.0.33 and earlier. It requires network access with a low-privilege attacker and can lead to unauthorized read access to a subset of MySQL data; CVSS 3.1 Base Score is 3.1 (Low). The conn...
CVE-2018-2627
CVE-2018-2627 : Vulnerability in the Oracle Java SE component (Installer) for Windows installer only. Affected: Java SE 8u152 and 9.0.1. Exploitation is described as difficult and requires a logged-on, low-privilege user with user interaction; successful exploitation could lead to takeover of Jav...
CVE-2018-2766
CVE-2018-2766 affects the MySQL Server component (InnoDB) and can lead to a complete DoS via network access. Affected versions per the initial data are MySQL 5.6.39 and earlier and 5.7.21 and earlier. Several connected advisories reference this CVE (e.g., Debian security notices, F5 advisory) but...
CVE-2018-2784
CVE-2018-2784 affects Oracle MySQL Server (InnoDB) with affected versions 5.6.39 and prior and 5.7.21 and prior. The vulnerability allows a low-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (DoS). Connected advisories confirm its inclusion in mult...
CVE-2021-2425
CVE-2021-2425 is a vulnerability in Oracle MySQL Server (Server: Optimizer). Affected versions are 8.0.25 and earlier. An attacker with network access and high privileges can cause the MySQL Server to hang or crash (denial of service). The connected documents confirm the affected component and th...
CVE-2022-21569
CVE-2022-21569 concerns a vulnerability in Oracle MySQL Server (Server: Optimizer). Affected products/versions: MySQL Server 8.0.29 and earlier. The issue enables a low-privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (complete DoS) of ...
CVE-2018-2581
CVE-2018-2581 affects Oracle Java SE (JavaFX) with Java SE versions 7u161, 8u152, and 9.0.1. An unauthenticated attacker with network access via multiple protocols can read a subset of Java SE data; exploitation requires user interaction. The issue is tied to JavaFX within client deployments (Web...
CVE-2021-2440
CVE-2021-2440 is a vulnerability in Oracle MySQL Server (Server: DML). Affected versions are 8.0.25 and earlier. The issue allows a high-privileged, network-access- capable attacker to cause a hang or complete denial of service (DOS) against MySQL Server, as described in multiple sources (includi...
CVE-2021-2441
CVE-2021-2441 is a vulnerability in Oracle MySQL Server (component: Server: Optimizer) affecting versions 8.0.25 and prior. An attacker with network access via multiple protocols and with high privileges can cause the MySQL Server to hang or crash (DoS). CVSS 3.1 Base Score 4.9, Availability impa...
CVE-2022-21522
CVE-2022-21522 affects Oracle MySQL Server, component Server: Stored Procedure . Affected versions are 8.0.29 and prior . The vulnerability is exploitable by a high-privilege attacker with network access via multiple protocols , and successful exploits can cause a hang or frequently repeatable cr...
CVE-2021-20293
CVE-2021-20293 affects RESTEasy (all versions up to 4.6.0.Final). The flaw is a reflected XSS caused by improper handling of URL encoding when using @javax.ws.rs.PathParam without an accompanying @Produces MediaType. Exploitation could lead to script execution in a victim’s browser, impacting dat...
CVE-2021-2424
CVE-2021-2424 is a vulnerability in Oracle MySQL Server (Server: Stored Procedure). Affected are MySQL Server 8.0.25 and earlier. An attacker with network access and high privileges can trigger a hang or crash (DoS) via multiple protocols. The Oracle/related advisories describe the issue but no p...
CVE-2022-21539
CVE-2022-21539 affects Oracle MySQL Server (InnoDB) with an affected range of 8.0.29 and earlier. A low-privileged, network-accessible attacker could gain unauthorized update/insert/delete access and unauthorized read access to MySQL data, plus partial DoS of data via the InnoDB component. The vu...
CVE-2021-2426
CVE-2021-2426 affects Oracle MySQL Server (component: Server: Optimizer). Affected: 8.0.25 and prior. Description from multiple sources: an attacker with network access via multiple protocols, possessing high privileges, can cause the MySQL Server to hang or crash (complete DOS) with a CVSS v3.1 ...
CVE-2022-21418
CVE-2022-21418 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.28 and earlier. The issue allows a high-privilege attacker with network access to cause a hang or crash (denial of service) and may enable unauthorized updates, inserts, or deletes to certain MySQL data. The connecte...
CVE-2023-22005
CVE-2023-22005 affects Oracle MySQL Server, specifically the Server: Replication component, with affected versions listed as 8.0.33 and earlier. The IBM Security Guardium bulletin corroborates an unspecified vulnerability in this replication area that could allow a remote authenticated attacker t...
CVE-2018-2942
CVE-2018-2942 affects Oracle Java SE (Windows DLL) with vulnerable Java SE versions 7u181 and 8u172. The vulnerability is exploitable over a network via multiple protocols and can lead to Java SE takeover; exploitation requires user interaction. CVSSv3.1 base score 8.3 (HIGH) with impacts to conf...
CVE-2021-2387
CVE-2021-2387 affects Oracle MySQL Server (Server: Optimizer). Public info: affected versions are 8.0.25 and prior; an attacker with network access and high privileges can cause a hang or crash (DOS) of MySQL Server. No explicit weapon/exploit details or patch/version beyond the affected range ar...
CVE-2022-21436
Technical details about CVE-2022-21436 are not publicly provided in the connected documents. Please monitor for updates.
CVE-2021-2410
CVE-2021-2410 : A vulnerability in Oracle MySQL Server (component: Server: Optimizer) affects MySQL 8.0.25 and earlier. An attacker with network access via multiple protocols and high privileges can exploit it to cause a hang or frequent crash (DoS). Public advisories parallel to this CVE indicat...
CVE-2023-22033
CVE-2023-22033 affects Oracle MySQL Server (InnoDB). Affected versions are 8.0.33 and earlier. An attacker with network access via multiple protocols can exploit this to cause a hang or frequently repeatable crash (DoS) of MySQL Server. The CVSS base score is 4.4 (Availability impact). A remediat...
CVE-2022-21509
CVE-2022-21509 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.29 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause a hang or crash (DoS) and may allow unauthorized data updates/i...
CVE-2022-21517
The CVE-2022-21517 entry concerns Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.29 and earlier. The flaw enables a high-privilege attacker who has network access (via multiple protocols) to cause a hang or a frequent, repeatable crash (complete DOS) of MySQL Server. The CVSS v3.1 base...
CVE-2022-34357
CVE-2022-34357 affects IBM Cognos Analytics Mobile Server versions 11.1.7, 11.2.4, and 12.0.0. Root cause: weak or absent rate limiting allows unlimited HTTP requests from a single user, leading to Denial of Service and service unavailability for other users. Remediation provided in connected doc...
CVE-2023-22038
CVE-2023-22038 affects Oracle MySQL Server (Server: Security: Privileges) with affected versions 8.0.33 and earlier. A high-privileged attacker with network access via multiple protocols could authorize data updates/inserts/deletes. Root cause and impact stated as low to moderate integrity impact...
CVE-2023-22058
CVE-2023-22058 affects Oracle MySQL Server (Server: DDL) for versions 8.0.33 and earlier, allowing a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). The issue is documented with a CVSS base score of 4.4 (Availability). Remediation: upgrade to MyS...
CVE-2018-2810
CVE-2018-2810 affects Oracle MySQL Server (InnoDB subcomponent). Affected are MySQL 5.7.21 and earlier. Attackers with network access via multiple protocols and high privileges can cause a hang or frequent crashes (DoS) of MySQL Server. CVSSv3 base score 4.9 (A: High, Availability impact). Remedi...
CVE-2022-21414
CVE-2022-21414 affects Oracle MySQL Server, specifically the Server: Optimizer. Affected versions are 8.0.28 and earlier. An attacker with high privileges and network access via multiple protocols can cause the server to hang or crash (denial of service). The vulnerability is documented as a deni...
CVE-2022-21435
CVE-2022-21435 affects Oracle MySQL Server, component Server: Optimizer, with affected versions 8.0.28 and earlier. The vulnerability allows a high-privilege attacker who can reach the server over the network (via multiple protocols) to cause a denial of service, resulting in the MySQL Server han...
CVE-2022-21537
CVE-2022-21537 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.29 and earlier. The vulnerability has a high-privilege remote attacker scenario over multiple network protocols, potentially causing a hang or repeated crashes (complete DOS). Some connected advisories note remediation...
CVE-2022-21538
CVE-2022-21538 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected: MySQL 8.0.29 and earlier. Attack: network access with low privileges can cause partial denial of service to MySQL Server. Impact: availability degradation (low). CVSS base score: 3.1 (LOW). Remediation...
CVE-2023-21946
CVE-2023-21946 affects Oracle MySQL Server, specifically the Server: Optimizer. Affected versions are 8.0.32 and earlier. The vulnerability can be exploited by a low-privilege attacker with network access via multiple protocols and can lead to a hang or frequently repeatable crash (complete DoS) ...
CVE-2022-21379
CVE-2022-21379 affects Oracle MySQL Server, specifically the Group Replication Plugin in MySQL 8.0.27 and earlier. The vulnerability allows a network-remote, high-privilege attacker to cause a hang or crash (DoS). Public materials note multiple distro advisories updating to newer MySQL 8.0.x vers...
CVE-2022-21413
CVE-2022-21413 affects the Oracle MySQL Server, specifically the Server: DML component. Affected versions are 8.0.28 and prior . The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent crash (DoS) of MySQL Server. The CVSS 3.1 bas...
CVE-2022-21462
CVE-2022-21462 affects Oracle MySQL Server (component: Server: Optimizer). Affected: 8.0.28 and earlier. Exploitation requires network access via multiple protocols; can lead to a hang or frequent crash (DOS) of MySQL Server. CVSS 3.1 base score 4.9 (Availability impact). The connected advisories...
CVE-2022-21528
CVE-2022-21528 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.29 and earlier. An attacker with network access via multiple protocols and with HIGH privileges can cause a hang or a frequently repeatable crash (complete DOS) and may perform unauthorized updates/inse...
CVE-2023-22057
CVE-2023-22057 affects Oracle MySQL Server, component Server: Replication, with affected versions 8.0.33 and prior. Multiple connected sources indicate this vulnerability can allow a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (com...
CVE-2018-2818
CVE-2018-2818 affects Oracle MySQL Server components (Server: Privileges) and is triggered by a high-privilege user over network protocols, potentially causing a hang or crash (DoS) on vulnerable MySQL Server versions 5.5.59 and earlier, 5.6.39 and earlier, or 5.7.21 and earlier. The connected ad...
CVE-2022-21527
CVE-2022-21527 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.29 and earlier. Summary: A high-privilege attacker who can reach the server over network protocols can trigger a hang or crash (DO S) and may perform unauthorized update/insert/delete on some data. The vulnerabili...
CVE-2022-21438
CVE-2022-21438 affects Oracle MySQL Server, component Server: Optimizer, with affected versions 8.0.28 and earlier. An attacker with network access via multiple protocols and high privileges can cause the MySQL Server to hang or frequently crash (DoS). The initial records provide a CVSS v3.1 base...
CVE-2022-21531
CVE-2022-21531 affects Oracle MySQL Server, component Server: Optimizer , with affected versions 8.0.29 and earlier. An attacker with network access via multiple protocols and requiring HIGH privileges can cause a hang or a frequent, repeatable crash (DoS) of MySQL Server. CVSS v3.1 base score 4....
CVE-2022-21525
CVE-2022-21525 affects Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.29 and earlier. The vulnerability enables a high-privilege attacker who can reach the server over the network via multiple protocols to cause a hang or a nearly-repeated crash (DOS). The CVSS v3.1...