Lucene search
K
NetappOncommand Insight

971 matches found

CVE
CVE
added 2023/10/17 9:2 p.m.632 views

CVE-2023-22068

CVE-2023-22068 affects Oracle MySQL Server (InnoDB). Affected: MySQL 8.0.34 and earlier, and 8.1.0. An attacker with network access via multiple protocols and high privileges can cause the server to hang or crash (DoS). No explicit exploitation details are provided beyond this claim. Remediation:...

4.9CVSS5.1AI score0.0094EPSS
CVE
CVE
added 2023/10/17 9:3 p.m.628 views

CVE-2023-22103

CVE-2023-22103 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.34 and earlier, and 8.1.0. Attack via network with high privileges can cause a hang or frequent crash (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Availability). Remediation: upgrade to a fixed package/version...

4.9CVSS5.1AI score0.00983EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.627 views

CVE-2022-21641

Summary (from provided sources): CVE-2022-21641 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.29 and earlier. The vulnerability is exploitable by a high-privilege attacker with network access via multiple protocols and can lead to a hang or a...

4.9CVSS4.9AI score0.00962EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.619 views

CVE-2022-21592

CVE-2022-21592 affects Oracle MySQL Server (Server: Security: Encryption). Affected: MySQL 5.7.39 and earlier, and 8.0.29 and earlier. A low-privileged attacker with network access over multiple protocols can cause unauthorized read access to a subset of data. CVSS 3.1 base score 4.3 (Confidentia...

4.3CVSS3.7AI score0.00653EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.618 views

CVE-2022-21595

CVE-2022-21595 affects Oracle MySQL Server (component: C API). Affected versions include MySQL Server 5.7.36 and prior and 8.0.27 and prior. The vulnerability is exploitable with network access via multiple protocols and is described as difficult to exploit, requiring high privileges. Successful ...

4.4CVSS4.6AI score0.01048EPSS
CVE
CVE
added 2020/11/06 7:7 a.m.617 views

CVE-2020-28196

CVE-2020-28196 affects MIT Kerberos 5 (krb5) prior to 1.17.2 and 1.18.x prior to 1.18.3. The vulnerability stems from unbounded recursion in the ASN.1 BER decoder (lib/krb5/asn.1/asn1_encode.c) due to no recursion limit for indefinite lengths. This can lead to denial of service due to resource ex...

7.5CVSS7.6AI score0.04365EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.614 views

CVE-2022-21638

CVE-2022-21638 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL Server 8.0.29 and earlier. Attack surface: network-accessible via multiple protocols; requires high privileges; can cause a hang or frequent crash (denial of service). Several connected advisories confirm a...

4.9CVSS4.9AI score0.00962EPSS
CVE
CVE
added 2021/05/19 1:45 p.m.610 views

CVE-2021-3517

CVE-2021-3517 is a libxml2 vulnerability affecting versions before 2.9.11. A flaw in the xml entity encoding functionality could allow processing of a crafted XML file to trigger an out‑of‑bounds read, with availability impact and potential confidentiality/integrity impact if memory information i...

8.6CVSS8.4AI score0.0828EPSS
CVE
CVE
added 2017/05/23 3:56 a.m.609 views

CVE-2016-9841

CVE-2016-9841 is a vulnerability in zlib 1.2.8 related to improper pointer arithmetic in inffast.c that could have context-dependent impact. Connected advisories confirm public details and show remediation by upgrading zlib to a newer version (e.g., 1.2.11) across affected products and distributi...

9.8CVSS9.9AI score0.07489EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.609 views

CVE-2021-2144

CVE-2021-2144 affects Oracle MySQL Server (component: Server: Parser). Affected versions are 5.7.29 and earlier and 8.0.19 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise the MySQL Server, potentially leading to takeover of ...

7.2CVSS6.5AI score0.01886EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.609 views

CVE-2022-21605

CVE-2022-21605 concerns the Oracle MySQL Server, specifically the Server: Data Dictionary component. Affected are MySQL Server versions 8.0.28 and earlier . The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to cause the server to hang or crash, resul...

4.9CVSS4.7AI score0.01024EPSS
CVE
CVE
added 2023/10/17 9:2 p.m.600 views

CVE-2023-22079

CVE-2023-22079 concerns Oracle MySQL Server, component Server: Optimizer. Affected: MySQL 8.0.34 and earlier. Description: a low-privileged, network-accessible attacker can cause the MySQL Server to hang or crash (complete DoS) via multiple protocols. CVSS v3.1 base score 6.5 (Availability HIGH; ...

6.5CVSS6.5AI score0.00911EPSS
CVE
CVE
added 2023/10/17 9:3 p.m.600 views

CVE-2023-22114

CVE-2023-22114 affects Oracle MySQL (InnoDB) with versions 8.0.34 and earlier and 8.1.0. An attacker with network access via multiple protocols and high privileges could trigger a hang or crash (DoS). Public materials identify the vulnerability and impact but do not provide exploitation details i...

4.9CVSS5.1AI score0.00983EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.599 views

CVE-2020-2780

CVE-2020-2780 affects Oracle MySQL Server (Server: DML) with vulnerable ranges: 5.6.47 and earlier, 5.7.29 and earlier, and 8.0.19 and earlier. The issue allows a low-privileged, network-access attacker to cause a hang or crash (DOS) via multiple protocols. The connected advisories (e.g., ALAS/ C...

6.5CVSS6.3AI score0.0243EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.598 views

CVE-2020-14765

An advisory indicates CVE-2020-14765 affects Oracle MySQL Server (Server: FTS) with affected versions 5.6.49 and prior, 5.7.31 and prior, and 8.0.21 and prior. The cited materials describe a vulnerability that can cause the MySQL Server to hang or crash (DoS) via network access, but the root caus...

6.8CVSS6.4AI score0.03012EPSS
CVE
CVE
added 2017/04/17 9:0 p.m.596 views

CVE-2017-5645

CVE-2017-5645 affects Apache Log4j 2.x prior to 2.8.2. The vulnerability arises when using a TCP/UDP socket server to receive serialized log events from another application; a crafted binary payload can be deserialized to execute arbitrary code. The documented impact is remote code execution via ...

9.8CVSS9.5AI score0.8904EPSS
CVE
CVE
added 2023/10/17 9:2 p.m.595 views

CVE-2023-22064

CVE-2023-22064 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or repeatable crash (a complete DoS) of MySQL Server; CVSS v3.1 base score 4.9 (A...

4.9CVSS5.2AI score0.00884EPSS
CVE
CVE
added 2023/10/17 9:2 p.m.587 views

CVE-2023-22070

CVE-2023-22070 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.34 and earlier and 8.1.0. Exploitation via network could cause high-availability impact (hang or crash). Remediation: upgrade to patched version (e.g., 8.0.35-1 or newer as referenced by Debian/Mariner advisories)...

4.9CVSS5.1AI score0.00871EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.585 views

CVE-2020-14812

CVE-2020-14812 affects Oracle MySQL Server (component: Server: Locking) with affected versions 5.6.49 and prior, 5.7.31 and prior, and 8.0.21 and prior. Exploitation can lead to a hang or frequent crashes (DoS) with network access. Remediation status varies by distribution; Debian LTS notes a fix...

6.8CVSS5.1AI score0.0288EPSS
CVE
CVE
added 2019/01/16 7:0 p.m.580 views

CVE-2019-2455

CVE-2019-2455 affects the MySQL Server component (subcomponent: Server: Parser) with affected versions 5.6.42 and prior, 5.7.24 and prior, and 8.0.13 and prior. The vulnerability allows a low-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). Public advi...

6.5CVSS6.2AI score0.03688EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.580 views

CVE-2024-21096

Technical details about CVE-2024-21096 are not publicly provided in the supplied documents. Monitoring for updates is advised; the current sources do not specify affected products, versions, exploitability, or remediation within the given materials.

4.9CVSS5.9AI score0.00424EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.574 views

CVE-2023-21971

CVE-2023-21971 concerns Oracle MySQL Connectors, specifically the Connector/J component. Affected are 8.0.32 and earlier versions. The vulnerability, described as difficult to exploit, allows a high-privilege attacker with network access via multiple protocols to compromise MySQL Connectors. Impa...

5.3CVSS5.2AI score0.01286EPSS
Web
CVE
CVE
added 2021/04/22 9:53 p.m.572 views

CVE-2021-2166

CVE-2021-2166 affects the MySQL/MariaDB Server: DML component. Public sources in connected documents confirm affected products and versions: MySQL/MariaDB server vulnerable when running on Oracle MySQL 5.7.33 and earlier and 8.0.23 and earlier (per AstraLinux/ALMA advisories and related entries)....

4.9CVSS5.2AI score0.04643EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.561 views

CVE-2020-2814

CVE-2020-2814 affects Oracle MySQL Server (InnoDB) with affected versions 5.6.47 and prior, 5.7.28 and prior, and 8.0.18 and prior. Bulletins in connected advisories describe an easily exploitable, network-accessible vulnerability enabling a high-privilege attacker to cause a hang or frequent cra...

4.9CVSS5.2AI score0.02805EPSS
CVE
CVE
added 2023/10/17 9:2 p.m.561 views

CVE-2023-22026

CVE-2023-22026 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 5.7.42 and prior and 8.0.31 and prior. Attackers with network access via multiple protocols can exploit this to cause a hang or repeatedly crash the MySQL Server (availability impact). CVSS v3.1 base ...

4.9CVSS4.9AI score0.00871EPSS
CVE
CVE
added 2023/10/17 9:2 p.m.559 views

CVE-2023-22084

CVE-2023-22084 affects the MySQL Server product (InnoDB) with affected versions 5.7.43 and prior, 8.0.34 and prior, and 8.1.0. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server. The CV...

4.9CVSS4.9AI score0.01782EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.555 views

CVE-2018-3282

CVE-2018-3282 affects the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Affected versions include 5.5.61 and earlier, 5.6.41 and earlier, 5.7.23 and earlier, and 8.0.12 and earlier, with an attack surface that enables a network-accessing, high-privileged attacker...

4.9CVSS5.8AI score0.03968EPSS
CVE
CVE
added 2025/02/10 9:57 p.m.555 views

CVE-2025-24970

CVE-2025-24970 (Netty) affects Netty 4.1.91.Final through 4.1.118.Final. A crafted packet via SslHandler can fail validation, causing a native crash. A patch exists in 4.1.118.Final. Workarounds include disabling the native SSLEngine or applying code-level changes as noted by advisories. IBM bull...

7.5CVSS7.4AI score0.01966EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.552 views

CVE-2020-14550

CVE-2020-14550 affects the MySQL Client (C API) in Oracle MySQL. Affected are 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and earlier. The vulnerability allows a low-privilege, network-accessible attacker via multiple protocols to cause a hang or a frequent, crashable DoS of the MySQL Clie...

5.3CVSS5.2AI score0.02221EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.550 views

CVE-2023-21967

CVE-2023-21967 affects Oracle Java SE and GraalVM Enterprise Edition (JSSE, Swing, Hotspot, Libraries) with multiple vulnerable versions including Java 8u361, 11.0.18, 17.0.6, 20 and GraalVM 20.3.9/21.3.5/22.3.1. Root cause is unresolved issues in the Java components allowing unauthenticated netw...

5.9CVSS6.3AI score0.01523EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.547 views

CVE-2018-3174

CVE-2018-3174 affects Oracle MySQL Server (notably the Client programs) with affected versions 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior, and 8.0.12 and prior. Root cause per the sources is a vulnerability in MySQL Server that can, under certain conditions, lead to a hang or a complete...

5.3CVSS6.1AI score0.0081EPSS
CVE
CVE
added 2019/01/16 7:0 p.m.545 views

CVE-2019-2510

CVE-2019-2510 affects the MySQL Server component (InnoDB) of Oracle MySQL; affected versions are 5.7.24 and earlier and 8.0.13 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DOS). Public docume...

4.9CVSS4.9AI score0.03443EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.544 views

CVE-2023-21937

CVE-2023-21937 is an in-scope vulnerability affecting Oracle Java SE / GraalVM Enterprise Edition (Networking, Swing, Libraries, Hotspot, JSSE, etc.) with 8u361, 11.0.18, 17.0.6, 20 and related GraalVM versions impacted. It involves NULL-character handling and related input validation issues that...

3.7CVSS4.7AI score0.01208EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.541 views

CVE-2018-3064

CVE-2018-3064 affects the MySQL Server component (InnoDB). The initial description lists affected versions as 5.6.40 and earlier, 5.7.22 and earlier, and 8.0.11 and earlier, with a network-accessible, low-privilege exploit that can cause a hang/crash (DoS) and unauthorized read/write of data. Con...

7.1CVSS6.7AI score0.03162EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.541 views

CVE-2020-14776

CVE-2020-14776 affects MySQL (InnoDB) with vulnerable ranges of 5.7.31 and earlier, and 8.0.21 and earlier. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or a complete DoS of MySQL Server. Connected documents confirm thi...

4.9CVSS5.2AI score0.02621EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.541 views

CVE-2020-14789

CVE-2020-14789 affects Oracle MySQL Server (component: Server: FTS). Vulnerability details in connected advisories show it impacts MySQL 5.7.31 and prior and 8.0.21 and prior, with an attacker having network access via multiple protocols and high privileges able to cause a hang or crash (DoS) of ...

4.9CVSS5.1AI score0.02621EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.540 views

CVE-2022-21426

CVE-2022-21426 affects Oracle Java SE and GraalVM Enterprise Edition, with vulnerable components in Java SE (JAXP, Libraries, Serialization) and GraalVM CE surface. Public advisories list affected versions including Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 and GraalVM CE: 20.3.5, 21.3.1,...

5.3CVSS5.3AI score0.03028EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.532 views

CVE-2021-2194

CVE-2021-2194 affects Oracle MySQL Server (InnoDB) with vulnerable versions 5.7.33 and earlier and 8.0.23 and earlier. The issue allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. No exploitation details are provided in the ...

4.9CVSS4.9AI score0.02308EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.526 views

CVE-2023-21954

CVE-2023-21954 (and related CVEs listed in the same advisory set) affects Oracle Java SE/OpenJDK/GraalVM Enterprise Edition components across multiple versions (e.g., 8u361, 11.0.18, 17.0.6, 20.x; Swing, Hotspot, JSSE, Libraries). The issue set comprises several distinct weaknesses (e.g., TLS han...

5.9CVSS6.1AI score0.01421EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.520 views

CVE-2021-2021

CVE-2021-2021 affects Oracle MySQL Server (MySQL: Server: Optimizer) with affected versions 8.0.22 and earlier. It is described as an easily exploitable vulnerability allowing a high-privilege attacker with network access via multiple protocols to cause a hang or complete DoS on MySQL Server. The...

6.8CVSS4.9AI score0.10093EPSS
In wildWeb
CVE
CVE
added 2019/04/10 7:38 p.m.519 views

CVE-2019-11068

CVE-2019-11068 affects libxslt up to 1.1.33. The vulnerability arises because xsltCheckRead/xsltCheckWrite can permit access even after a -1 error, enabling protection bypass. According to the linked advisories, this vulnerability has a CVSSv3 base score of 9.8 (NETWORK, LOW attack complexity, NO...

9.8CVSS9.4AI score0.05089EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.514 views

CVE-2023-22049

CVE-2023-22049 affects Oracle Java SE and related GraalVM variants (Libraries component; and others listed) with affected versions including Oracle Java SE 8u371/8u371-perf/11.0.19/17.0.7/20.0.1; Oracle GraalVM Enterprise Edition and GraalVM for JDK versions. Exploitation is described as difficul...

3.7CVSS4.7AI score0.01316EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.513 views

CVE-2021-2032

CVE-2021-2032 affects Oracle MySQL Server (component: Information Schema). Affected versions: 5.7.32 and prior, 8.0.22 and prior. A low-privilege, network-accessible attacker via multiple protocols can read a subset of MySQL data. CVSS v3.1 base score 4.3 (C:L/I:N/A:N). No exploitation details or...

4.3CVSS3.7AI score0.01588EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.508 views

CVE-2024-21011

CVE-2024-21011 affects Oracle Java SE platforms (Hotspot) and Oracle GraalVM for JDK/Enterprise Edition. Affected versions include Java SE: 8u401, 11.0.22, 17.0.10, 21.0.2, 22; GraalVM for JDK: 17.0.10, 21.0.2, 22; GraalVM EE: 20.3.13, 21.3.9. The vulnerability is exploitable over a network by un...

3.7CVSS3.2AI score0.01361EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.507 views

CVE-2023-21939

CVE-2023-21939 affects Oracle Java SE and GraalVM Enterprise Edition Swing component across several versions (e.g., Java 8u361, 11.0.18, 17.0.6, 20; GraalVM EE 20.3.9/21.3.5/22.3.1). It is an easily exploitable, unauthenticated remote issue over HTTP that can lead to unauthorized update/insert/de...

5.3CVSS5.7AI score0.02474EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.506 views

CVE-2023-21968

CVE-2023-21968 affects Oracle Java SE and GraalVM when using the Libraries component (and related entries list Swing/JSSE/Hotspot among affected subsystems) for multiple Java versions (e.g., 8u361, 11.0.18, 17.0.6, 20; GraalVM EE 20.3.9/21.3.5/22.3.1). The vulnerability is exploitable over the ne...

3.7CVSS4.7AI score0.01036EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.499 views

CVE-2020-14556

CVE-2020-14556 and related CVEs (e.g., 14577, 14578, 14579, 14581, 14583, 14593, 14621, 14664) pertain to Oracle Java SE/OpenJDK/OpenJDK-derived runtimes across multiple components (Libraries, JSSE, 2D, JAXP, JavaFX, etc.). The primary 2020 issue affects Java SE and Java SE Embedded on various ve...

5.8CVSS4.9AI score0.03022EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.496 views

CVE-2023-21938

CVE-2023-21938 affects Oracle Java SE (Libraries, Swing, JSSE, Hotspot, JavaFX) and Oracle GraalVM Enterprise Edition across multiple components. Affected versions include Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4, 22.3.0. The vulner...

3.7CVSS4.7AI score0.01208EPSS
CVE
CVE
added 2021/03/22 11:40 p.m.494 views

CVE-2021-21341

CVE-2021-21341 affects the XStream Java library (unmarshalling) prior to 1.4.16. The vulnerability enables a remote attacker to cause a denial-of-service by consuming 100% CPU time via manipulated input streams. Impact is described as CPU denial of service; no user impact if the recommended Secur...

7.5CVSS8.5AI score0.77801EPSS
CVE
CVE
added 2023/10/17 9:3 p.m.494 views

CVE-2023-22115

CVE-2023-22115 affects Oracle MySQL Server (Server: DML). Affected: MySQL 8.0.33 and earlier. Exploitation could allow a high-privilege attacker with network access to cause a hang or crash (DoS). Remediation: upgrade to a fixed version; for some distributions this issue is addressed by upgrading...

4.9CVSS5.2AI score0.00884EPSS
Total number of security vulnerabilities971