Lucene search
K
NetappOncommand Insight

971 matches found

CVE
CVE
added 2022/04/19 8:36 p.m.139 views

CVE-2022-21415

CVE-2022-21415 affects Oracle MySQL Server, component Server: Replication. Affected: MySQL 8.0.28 and prior. Description: a high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (complete DOS). Connected advisories indicate broader MySQL su...

4.9CVSS4.8AI score0.01421EPSS
CVE
CVE
added 2022/07/19 9:7 p.m.139 views

CVE-2022-21547

CVE-2022-21547 concerns a vulnerability in the Oracle MySQL Server, specifically the Server: Federated component. The affected product is MySQL Server (Oracle MySQL) with affected versions listed as 8.0.29 and prior . The vulnerability is described as easily exploitable by a high-privilege attack...

4.9CVSS4.9AI score0.01135EPSS
CVE
CVE
added 2022/07/19 9:7 p.m.138 views

CVE-2022-21529

CVE-2022-21529 affects Oracle MySQL Server, component Server: Optimizer. Affected versions are 8.0.29 and earlier. The vulnerability is described as easily exploitable over the network via multiple protocols and can lead to a hang or repeated crash (complete DoS). Multiple connected sources corro...

4.9CVSS4.9AI score0.01407EPSS
CVE
CVE
added 2021/06/02 11:23 a.m.137 views

CVE-2020-14326

CVE-2020-14326 affects RESTEasy: RootNode caching of routes can trigger hash flooding, causing slower requests and higher CPU usage leading to DoS. The description confirms the vulnerability and impact but does not specify affected versions, vulnerable component details beyond RootNode routing ca...

7.5CVSS7.1AI score0.01212EPSS
CVE
CVE
added 2020/06/15 12:0 a.m.137 views

CVE-2020-4051

The CVE-2020-4051 entry affects the Dijit Editor’s LinkDialog plugin, with cross-site scripting vulnerability present in Dijit releases prior to the fixed versions. Documented affected ranges include Dijit 1.11.x through 1.16.x, with fixes implemented in 1.11.11, 1.12.9, 1.13.8, 1.14.7, 1.15.4, a...

5.4CVSS4.7AI score0.01183EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.137 views

CVE-2022-21437

CVE-2022-21437 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.28 and earlier. Vulnerability: an attacker with network access via multiple protocols can exploit the flaw to cause a hang or frequent crash (DoS) of MySQL Server. The connected advisories indicate this...

4.9CVSS4.9AI score0.0134EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.137 views

CVE-2022-21452

Oracle MySQL: CVE-2022-21452 affects MySQL Server, component Server: Optimizer, in versions 8.0.28 and prior. The vulnerability is easily exploitable by a high-privilege attacker over network protocols and can lead to a hang or complete denial-of-service of MySQL Server. Some connected advisories...

4.9CVSS4.8AI score0.01252EPSS
CVE
CVE
added 2022/07/19 9:7 p.m.137 views

CVE-2022-21526

CVE-2022-21526 (Oracle MySQL Server, component: Server: Optimizer) affects MySQL Server versions 8.0.29 and earlier. The vulnerability allows a high-privilege, network-accessible attacker to cause a hang or frequent/complete denial of service (A: H) via multiple protocols. The issue is documented...

4.9CVSS4.9AI score0.01387EPSS
CVE
CVE
added 2022/07/19 9:7 p.m.136 views

CVE-2022-21530

CVE-2022-21530 affects Oracle MySQL Server (Server: Optimizer) and is applicable to MySQL 8.0.29 and prior. The description states that a high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (complete DOS). The CVSS 3.1 base score is 4.9 (...

4.9CVSS4.9AI score0.01439EPSS
CVE
CVE
added 2022/07/19 9:7 p.m.136 views

CVE-2022-21556

CVE-2022-21556 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.28 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause unauthorized creation, deletion, or modification of data and to...

6.5CVSS6.3AI score0.01147EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.135 views

CVE-2019-2924

CVE-2019-2924 is a vulnerability in the MySQL Server product (Oracle MySQL), specifically under Server: Security: Encryption. Affected versions are 5.6.45 and earlier and 5.7.27 and earlier. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read da...

5.3CVSS4.3AI score0.02211EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.135 views

CVE-2023-22046

CVE-2023-22046 affects Oracle MySQL Server, Server: Optimizer. Affected versions are 8.0.33 and earlier. An attacker with high privileges and network access could cause a hang or crash (DOS) in MySQL Server. The vulnerability is tied to the Optimizer component. Remediation noted in public advisor...

4.9CVSS5.2AI score0.01079EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.131 views

CVE-2023-22008

CVE-2023-22008 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.33 and earlier. An attacker with network access through multiple protocols and high privileges can cause a hang or frequent crash (DoS) of MySQL Server (CVSS 4.9, AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Connected sourc...

4.9CVSS5.2AI score0.01079EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.129 views

CVE-2018-3071

CVE-2018-3071 affects the MySQL Server Audit Log component in Oracle MySQL, with vulnerable versions up to 5.7.22 (and earlier). The exposed impact per the sources is a high-privilege attacker with network access via multiple protocols can cause a denial of service, resulting in a hang or frequen...

4.9CVSS4.8AI score0.02924EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.128 views

CVE-2023-22056

CVE-2023-22056 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.33 and prior. An attacker with network access via multiple protocols and high privileges can cause a hang or frequent crash (DoS) of MySQL Server. Remediation guidance in connected ...

4.9CVSS5.2AI score0.01594EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.126 views

CVE-2018-2846

CVE-2018-2846 affects Oracle MySQL Server, specifically the Server: Performance Schema. Affected versions are 5.7.21 and earlier. An attacker with high privileges and network access via multiple protocols can cause the MySQL Server to hang or crash (availability impact). The vulnerability is expl...

4.9CVSS5AI score0.02862EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.126 views

CVE-2023-22054

CVE-2023-22054 affects MySQL Server (Oracle MySQL), specifically the Server: Optimizer component. Affected products/versions: MySQL 8.0.33 and earlier. Root cause: unspecified in primary CVE entry, but the IBM Security Guardium bulletin and MySQL advisories describe a high-privilege, network-acce...

4.9CVSS5.2AI score0.01199EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.125 views

CVE-2018-2777

CVE-2018-2777 : A vulnerability in Oracle MySQL Server (InnoDB) affecting 5.7.21 and earlier. It allows a high-privilege attacker with network access to cause a hang or frequent crashes (DoS) via multiple protocols. The issue is confirmed in multiple sources; exploitation status is not detailed i...

4.9CVSS5AI score0.03051EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.124 views

CVE-2018-3061

CVE-2018-3061 is a vulnerability in Oracle MySQL (MySQL Server: DML). Public sources in the Fedora update FEDORA-2018-f67fda3db6 show that MySQL 5.7.23 fixes this issue; prior 5.7.x versions are affected. The Red Hat RHSA-2018-3655/Nessus listing confirms a DML-related vulnerability in MySQL that...

4.9CVSS4.8AI score0.02924EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.123 views

CVE-2018-2759

CVE-2018-2759 affects the MySQL Server component (InnoDB). Affected are Oracle MySQL 5.7.x with 5.7.21 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server (CVSS 3.0 shows A=High, Availab...

4.9CVSS5AI score0.02828EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.123 views

CVE-2019-2922

CVE-2019-2922 affects Oracle MySQL Server (Server: Security: Encryption) with affected versions 5.6.45 and earlier and 5.7.27 and earlier. The vulnerability is exploitable over the network by unauthenticated attackers via multiple protocols and can lead to unauthorized read access to a subset of ...

5.3CVSS4.3AI score0.02211EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.121 views

CVE-2021-35639

CVE-2021-35639 is a MySQL Server vulnerability (component: Server: Stored Procedure) affecting Oracle MySQL 8.0.26 and earlier. The issue allows a high-privileged attacker with network access via multiple protocols to cause a hang or a crash (complete DOS) of MySQL Server. The connected advisorie...

6.8CVSS4.9AI score0.01663EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.120 views

CVE-2017-10365

CVE-2017-10365 concerns a vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). The affected versions are 5.7.18 and earlier. An attacker with network access via multiple protocols and with high privileges can potentially compromise MySQL Server, leading to unauthori...

5.5CVSS3.3AI score0.01571EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.119 views

CVE-2018-2839

CVE-2018-2839 affects Oracle MySQL Server (Server: DML). Affected: MySQL 5.7.21 and earlier. Exploitable over network with high privileges via multiple protocols, potentially causing the server to hang or crash (DoS). The documents confirm the impact and affected versions, but do not provide a sp...

4.9CVSS5AI score0.02862EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.118 views

CVE-2017-10286

CVE-2017-10286 affects the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). The F5 advisory confirms the vulnerability is exploitable over the network by a high-privileged attacker with access via multiple protocols, and can cause a hang or crash (complete DOS). Affected versions in...

4.4CVSS4.3AI score0.02444EPSS
CVE
CVE
added 2022/04/19 8:38 p.m.115 views

CVE-2022-21490

CVE-2022-21490 affects Oracle MySQL Cluster (Cluster: General) with affected versions 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior, and 8.0.28 and prior. The issue enables a high-privilege attacker with access to the hardware’s physical communication segment to takeover the MySQL Cluster;...

6.3CVSS5.6AI score0.78666EPSS
CVE
CVE
added 2024/02/24 3:29 p.m.115 views

CVE-2023-32344

CVE-2023-32344 affects IBM Cognos Analytics versions 11.1.7, 11.2.4 FP? and 12.0.0, with a form action hijacking flaw that lets an attacker modify the form action to reference an arbitrary path. Root cause and impact are described across multiple sources (IBM Cognos Analytics documentation and ad...

4.3CVSS4.5AI score0.0038EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.114 views

CVE-2018-2816

CVE-2018-2816 affects Oracle MySQL Server (subcomponent: Server: Optimizer). Affected versions: 5.7.21 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or crash (denial of service). The description indicates remediation guidance via Oracle C...

4.9CVSS5AI score0.02862EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.112 views

CVE-2019-2910

CVE-2019-2910 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected versions include 5.6.45 and prior and 5.7.27 and prior. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read a subset of MySQL Server data due to issues...

4.3CVSS3.3AI score0.01716EPSS
CVE
CVE
added 2023/10/17 9:3 p.m.109 views

CVE-2023-22095

Vulnerability CVE-2023-22095 affects Oracle MySQL Server 8.1.0 (Server: Optimizer). A low-privileged attacker with network access across multiple protocols can cause a hang or frequent crash of MySQL Server (DoS). The issue is explicitly described as exploitable via the network with low privilege...

6.5CVSS6.2AI score0.00975EPSS
CVE
CVE
added 2021/03/19 8:25 p.m.108 views

CVE-2021-21267

Summary of CVE-2021-21267: Schema-Inspector (npm package schema-inspector) is vulnerable to a denial-of-service via email validation in before version 2.0.0. The issue is caused by a pathological input that triggers ReDoS during email validation, freezing the program or browser page. This affects...

7.5CVSS7.5AI score0.0209EPSS
CVE
CVE
added 2024/02/24 3:40 p.m.108 views

CVE-2023-43051

IBM Cognos Analytics is affected by CVE-2023-43051 (XSS) in versions 11.1.7, 11.2.4, and 12.0.0, enabling embedding of arbitrary JavaScript in the Web UI and potentially credential disclosure within a trusted session. The issue is addressed by upgrading to: 12.0.2 for 12.0.x, 11.2.4 FP3 for 11.2....

5.4CVSS5.2AI score0.00626EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.107 views

CVE-2018-2812

CVE-2018-2812 affects Oracle MySQL Server (subcomponent Server: Optimizer). Affected: MySQL 5.7.21 and earlier. Impact: high privileged attacker with network access can cause a hang/complete DOS and may update/insert/delete data in affected data. Root cause: issues in the Server: Optimizer path a...

5.5CVSS5.3AI score0.02448EPSS
CVE
CVE
added 2019/08/09 5:58 p.m.107 views

CVE-2019-5498

OnCommand Insight up to version 7.3.6 contains an information-disclosure vulnerability that could reveal sensitive account information to an authenticated user. This is documented across multiple sources (NVD and Red Hat/CVE entries) with the root cause described as an issue in how the product ha...

6.5CVSS6.2AI score0.01105EPSS
CVE
CVE
added 2024/02/24 3:35 p.m.107 views

CVE-2023-30996

CVE-2023-30996 affects IBM Cognos Analytics (versions 11.1.7, 11.2.4, 12.0.0) and describes information leakage due to unverified sources in inter-origin Windows object messages. The vulnerability is an information disclosure issue rather than remote code execution. Remediation is to upgrade to f...

5.3CVSS5AI score0.00422EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.105 views

CVE-2017-10320

CVE-2017-10320 affects the MySQL Server component (InnoDB) of Oracle MySQL. Affected versions are 5.7.19 and earlier. An attacker with network access via multiple protocols can exploit this to cause a hang or a crash (DOS) of MySQL Server. The CVSS v3 base score is 4.9 (Availability impact). Reme...

4.9CVSS4.7AI score0.01942EPSS
CVE
CVE
added 2024/02/24 3:27 p.m.101 views

CVE-2023-38359

CVE-2023-38359 - IBM Cognos Analytics XSS : The vulnerability affects IBM Cognos Analytics versions 11.1.7, 11.2.4, and 12.0.0 where untrusted input in the Web UI can be used to embed arbitrary JavaScript, potentially exposing credentials within a trusted session. Root cause: cross-site scripting...

6.1CVSS5.8AI score0.00686EPSS
CVE
CVE
added 2022/04/22 4:30 p.m.99 views

CVE-2021-20464

CVE-2021-20464 affects IBM Cognos Analytics PowerPlay (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7). A malicious authenticated user could trigger an XML Bomb attack, leading to a denial of service of the affected PowerPlay component. Connected sources confirm impacted product lines and the XM...

6.5CVSS6.7AI score0.01344EPSS
CVE
CVE
added 2022/07/19 9:7 p.m.99 views

CVE-2022-21550

CVE-2022-21550 affects Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior, and 8.0.29 and prior. Exploitation requires high-privilege access via the physical communication segment and user interaction; outcomes can include takeo...

6.3CVSS5.7AI score0.50698EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.96 views

CVE-2021-35583

CVE-2021-35583 affects Oracle MySQL Server (Windows, Server: Windows). Affected: MySQL 8.0.25 and prior. Vulnerability allows an unauthenticated attacker with network access via multiple protocols to cause the server to hang or crash (complete DoS). CVSS 3.1 base score 7.5 (Availability). Public ...

7.5CVSS6.9AI score0.0297EPSS
CVE
CVE
added 2022/07/19 9:6 p.m.95 views

CVE-2022-21519

CVE-2022-21519 : Oracle MySQL Cluster (component: Cluster: General) is affected for versions 8.0.29 and earlier. An unauthenticated attacker with network access via multiple protocols can cause a hang or frequent crash (complete DOS). CVSS v3.1 base score 5.9 (Availability, HIGH). References and ...

5.9CVSS5.3AI score0.0122EPSS
CVE
CVE
added 2022/04/22 4:30 p.m.94 views

CVE-2021-29824

IBM Cognos Analytics is affected by CVE-2021-29824, a privilege-escalation flaw that could allow a lower-privilege user to read the Data Connections page. Public sources in the provided documents identify IBM Cognos Analytics 11.2.x and 11.1.x as affected. The issue is addressed by IBM fixes: 11....

4.3CVSS5.3AI score0.00843EPSS
CVE
CVE
added 2022/04/22 4:30 p.m.94 views

CVE-2021-38886

IBM Cognos Analytics is affected by CVE-2021-38886: cross-site request forgery that could allow a trusted-user action to be executed by an attacker. The vulnerability affects IBM Cognos Analytics 11.2.x and 11.1.x (notably 11.2.x and 11.1.x lines cited in sources). Remediation is available: IBM C...

8.8CVSS8.7AI score0.00544EPSS
CVE
CVE
added 2022/01/19 11:26 a.m.94 views

CVE-2022-21380

CVE-2022-21380 concerns Oracle MySQL products. Connected documents identify a variant affecting MySQL Server 8.0.29 and earlier, caused by insufficient input validation in the Server: Optimizer component (and related InnoDB behavior in some entries). This can permit a high-privileged attacker wit...

6.3CVSS5.6AI score0.03024EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.93 views

CVE-2019-2923

CVE-2019-2923 affects Oracle MySQL Server (MySQL) in the Server: Encryption area. Connected documents confirm affected versions: 5.6.45 and earlier, and 5.7.27 and earlier. The vulnerability is exploitable over the network by an unauthenticated attacker and can lead to unauthorized read access to...

5.3CVSS4.3AI score0.02211EPSS
CVE
CVE
added 2019/09/17 7:5 p.m.93 views

CVE-2019-4183

IBM Cognos Analytics 11.0 and 11.1 are affected by a denial-of-service issue where remote attackers can send specially crafted requests to exhaust CPU and memory. The shared sources identify the affected products as IBM Cognos Analytics 11.0 and 11.1, but do not detail the root cause in this exce...

7.8CVSS7.6AI score0.03518EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.93 views

CVE-2020-2790

CVE-2020-2790 affects Oracle MySQL Server (Server: Pluggable Auth). The connected Nessus entries confirm: vulnerable in MySQL 5.7.28 and earlier, with exploitation possible by a low-privilege attacker over the network via multiple protocols. The impact stated in multiple sources is a complete DoS...

6.5CVSS6.2AI score0.0179EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.91 views

CVE-2020-2806

CVE-2020-2806 affects Oracle MySQL Server (Server: Compiling) with affected versions 5.7.28 and earlier. The vulnerability can be exploited by a low-privileged, network-accessible attacker over multiple protocols to cause a hang or repeated crash (Denial of Service). CVSS v3 base score 5.3 (Avail...

5.3CVSS5.7AI score0.01531EPSS
CVE
CVE
added 2022/04/22 4:30 p.m.91 views

CVE-2021-38903

CVE-2021-38903 concerns IBM Cognos Analytics (versions 11.2.x and 11.1.x). The vulnerability is a cross-site scripting flaw caused by improper validation of user-supplied input in the web interface, enabling a remote attacker to inject script into a user’s browser session and potentially steal co...

5.4CVSS6.2AI score0.00929EPSS
CVE
CVE
added 2017/03/14 9:2 a.m.90 views

CVE-2016-8747

The CVE-2016-8747 issue affects Apache Tomcat 8.5.7–8.5.9 and 9.0.0.M11–9.0.0.M15 in reverse-proxy configurations, where Http11InputBuffer.java can let a remote attacker read data belonging to a different request. The underlying problem is an information-disclosure vulnerability in the Tomcat rev...

7.5CVSS7AI score0.07179EPSS
Total number of security vulnerabilities971