971 matches found
CVE-2023-22068
CVE-2023-22068 affects Oracle MySQL Server (InnoDB). Affected: MySQL 8.0.34 and earlier, and 8.1.0. An attacker with network access via multiple protocols and high privileges can cause the server to hang or crash (DoS). No explicit exploitation details are provided beyond this claim. Remediation:...
CVE-2023-22103
CVE-2023-22103 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.34 and earlier, and 8.1.0. Attack via network with high privileges can cause a hang or frequent crash (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Availability). Remediation: upgrade to a fixed package/version...
CVE-2022-21641
Summary (from provided sources): CVE-2022-21641 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.29 and earlier. The vulnerability is exploitable by a high-privilege attacker with network access via multiple protocols and can lead to a hang or a...
CVE-2022-21592
CVE-2022-21592 affects Oracle MySQL Server (Server: Security: Encryption). Affected: MySQL 5.7.39 and earlier, and 8.0.29 and earlier. A low-privileged attacker with network access over multiple protocols can cause unauthorized read access to a subset of data. CVSS 3.1 base score 4.3 (Confidentia...
CVE-2022-21595
CVE-2022-21595 affects Oracle MySQL Server (component: C API). Affected versions include MySQL Server 5.7.36 and prior and 8.0.27 and prior. The vulnerability is exploitable with network access via multiple protocols and is described as difficult to exploit, requiring high privileges. Successful ...
CVE-2020-28196
CVE-2020-28196 affects MIT Kerberos 5 (krb5) prior to 1.17.2 and 1.18.x prior to 1.18.3. The vulnerability stems from unbounded recursion in the ASN.1 BER decoder (lib/krb5/asn.1/asn1_encode.c) due to no recursion limit for indefinite lengths. This can lead to denial of service due to resource ex...
CVE-2022-21638
CVE-2022-21638 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL Server 8.0.29 and earlier. Attack surface: network-accessible via multiple protocols; requires high privileges; can cause a hang or frequent crash (denial of service). Several connected advisories confirm a...
CVE-2021-3517
CVE-2021-3517 is a libxml2 vulnerability affecting versions before 2.9.11. A flaw in the xml entity encoding functionality could allow processing of a crafted XML file to trigger an out‑of‑bounds read, with availability impact and potential confidentiality/integrity impact if memory information i...
CVE-2016-9841
CVE-2016-9841 is a vulnerability in zlib 1.2.8 related to improper pointer arithmetic in inffast.c that could have context-dependent impact. Connected advisories confirm public details and show remediation by upgrading zlib to a newer version (e.g., 1.2.11) across affected products and distributi...
CVE-2021-2144
CVE-2021-2144 affects Oracle MySQL Server (component: Server: Parser). Affected versions are 5.7.29 and earlier and 8.0.19 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise the MySQL Server, potentially leading to takeover of ...
CVE-2022-21605
CVE-2022-21605 concerns the Oracle MySQL Server, specifically the Server: Data Dictionary component. Affected are MySQL Server versions 8.0.28 and earlier . The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to cause the server to hang or crash, resul...
CVE-2023-22079
CVE-2023-22079 concerns Oracle MySQL Server, component Server: Optimizer. Affected: MySQL 8.0.34 and earlier. Description: a low-privileged, network-accessible attacker can cause the MySQL Server to hang or crash (complete DoS) via multiple protocols. CVSS v3.1 base score 6.5 (Availability HIGH; ...
CVE-2023-22114
CVE-2023-22114 affects Oracle MySQL (InnoDB) with versions 8.0.34 and earlier and 8.1.0. An attacker with network access via multiple protocols and high privileges could trigger a hang or crash (DoS). Public materials identify the vulnerability and impact but do not provide exploitation details i...
CVE-2020-2780
CVE-2020-2780 affects Oracle MySQL Server (Server: DML) with vulnerable ranges: 5.6.47 and earlier, 5.7.29 and earlier, and 8.0.19 and earlier. The issue allows a low-privileged, network-access attacker to cause a hang or crash (DOS) via multiple protocols. The connected advisories (e.g., ALAS/ C...
CVE-2020-14765
An advisory indicates CVE-2020-14765 affects Oracle MySQL Server (Server: FTS) with affected versions 5.6.49 and prior, 5.7.31 and prior, and 8.0.21 and prior. The cited materials describe a vulnerability that can cause the MySQL Server to hang or crash (DoS) via network access, but the root caus...
CVE-2017-5645
CVE-2017-5645 affects Apache Log4j 2.x prior to 2.8.2. The vulnerability arises when using a TCP/UDP socket server to receive serialized log events from another application; a crafted binary payload can be deserialized to execute arbitrary code. The documented impact is remote code execution via ...
CVE-2023-22064
CVE-2023-22064 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or repeatable crash (a complete DoS) of MySQL Server; CVSS v3.1 base score 4.9 (A...
CVE-2023-22070
CVE-2023-22070 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.34 and earlier and 8.1.0. Exploitation via network could cause high-availability impact (hang or crash). Remediation: upgrade to patched version (e.g., 8.0.35-1 or newer as referenced by Debian/Mariner advisories)...
CVE-2020-14812
CVE-2020-14812 affects Oracle MySQL Server (component: Server: Locking) with affected versions 5.6.49 and prior, 5.7.31 and prior, and 8.0.21 and prior. Exploitation can lead to a hang or frequent crashes (DoS) with network access. Remediation status varies by distribution; Debian LTS notes a fix...
CVE-2019-2455
CVE-2019-2455 affects the MySQL Server component (subcomponent: Server: Parser) with affected versions 5.6.42 and prior, 5.7.24 and prior, and 8.0.13 and prior. The vulnerability allows a low-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). Public advi...
CVE-2024-21096
Technical details about CVE-2024-21096 are not publicly provided in the supplied documents. Monitoring for updates is advised; the current sources do not specify affected products, versions, exploitability, or remediation within the given materials.
CVE-2023-21971
CVE-2023-21971 concerns Oracle MySQL Connectors, specifically the Connector/J component. Affected are 8.0.32 and earlier versions. The vulnerability, described as difficult to exploit, allows a high-privilege attacker with network access via multiple protocols to compromise MySQL Connectors. Impa...
CVE-2021-2166
CVE-2021-2166 affects the MySQL/MariaDB Server: DML component. Public sources in connected documents confirm affected products and versions: MySQL/MariaDB server vulnerable when running on Oracle MySQL 5.7.33 and earlier and 8.0.23 and earlier (per AstraLinux/ALMA advisories and related entries)....
CVE-2020-2814
CVE-2020-2814 affects Oracle MySQL Server (InnoDB) with affected versions 5.6.47 and prior, 5.7.28 and prior, and 8.0.18 and prior. Bulletins in connected advisories describe an easily exploitable, network-accessible vulnerability enabling a high-privilege attacker to cause a hang or frequent cra...
CVE-2023-22026
CVE-2023-22026 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 5.7.42 and prior and 8.0.31 and prior. Attackers with network access via multiple protocols can exploit this to cause a hang or repeatedly crash the MySQL Server (availability impact). CVSS v3.1 base ...
CVE-2023-22084
CVE-2023-22084 affects the MySQL Server product (InnoDB) with affected versions 5.7.43 and prior, 8.0.34 and prior, and 8.1.0. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server. The CV...
CVE-2018-3282
CVE-2018-3282 affects the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Affected versions include 5.5.61 and earlier, 5.6.41 and earlier, 5.7.23 and earlier, and 8.0.12 and earlier, with an attack surface that enables a network-accessing, high-privileged attacker...
CVE-2025-24970
CVE-2025-24970 (Netty) affects Netty 4.1.91.Final through 4.1.118.Final. A crafted packet via SslHandler can fail validation, causing a native crash. A patch exists in 4.1.118.Final. Workarounds include disabling the native SSLEngine or applying code-level changes as noted by advisories. IBM bull...
CVE-2020-14550
CVE-2020-14550 affects the MySQL Client (C API) in Oracle MySQL. Affected are 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and earlier. The vulnerability allows a low-privilege, network-accessible attacker via multiple protocols to cause a hang or a frequent, crashable DoS of the MySQL Clie...
CVE-2023-21967
CVE-2023-21967 affects Oracle Java SE and GraalVM Enterprise Edition (JSSE, Swing, Hotspot, Libraries) with multiple vulnerable versions including Java 8u361, 11.0.18, 17.0.6, 20 and GraalVM 20.3.9/21.3.5/22.3.1. Root cause is unresolved issues in the Java components allowing unauthenticated netw...
CVE-2018-3174
CVE-2018-3174 affects Oracle MySQL Server (notably the Client programs) with affected versions 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior, and 8.0.12 and prior. Root cause per the sources is a vulnerability in MySQL Server that can, under certain conditions, lead to a hang or a complete...
CVE-2019-2510
CVE-2019-2510 affects the MySQL Server component (InnoDB) of Oracle MySQL; affected versions are 5.7.24 and earlier and 8.0.13 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DOS). Public docume...
CVE-2023-21937
CVE-2023-21937 is an in-scope vulnerability affecting Oracle Java SE / GraalVM Enterprise Edition (Networking, Swing, Libraries, Hotspot, JSSE, etc.) with 8u361, 11.0.18, 17.0.6, 20 and related GraalVM versions impacted. It involves NULL-character handling and related input validation issues that...
CVE-2018-3064
CVE-2018-3064 affects the MySQL Server component (InnoDB). The initial description lists affected versions as 5.6.40 and earlier, 5.7.22 and earlier, and 8.0.11 and earlier, with a network-accessible, low-privilege exploit that can cause a hang/crash (DoS) and unauthorized read/write of data. Con...
CVE-2020-14776
CVE-2020-14776 affects MySQL (InnoDB) with vulnerable ranges of 5.7.31 and earlier, and 8.0.21 and earlier. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or a complete DoS of MySQL Server. Connected documents confirm thi...
CVE-2020-14789
CVE-2020-14789 affects Oracle MySQL Server (component: Server: FTS). Vulnerability details in connected advisories show it impacts MySQL 5.7.31 and prior and 8.0.21 and prior, with an attacker having network access via multiple protocols and high privileges able to cause a hang or crash (DoS) of ...
CVE-2022-21426
CVE-2022-21426 affects Oracle Java SE and GraalVM Enterprise Edition, with vulnerable components in Java SE (JAXP, Libraries, Serialization) and GraalVM CE surface. Public advisories list affected versions including Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 and GraalVM CE: 20.3.5, 21.3.1,...
CVE-2021-2194
CVE-2021-2194 affects Oracle MySQL Server (InnoDB) with vulnerable versions 5.7.33 and earlier and 8.0.23 and earlier. The issue allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. No exploitation details are provided in the ...
CVE-2023-21954
CVE-2023-21954 (and related CVEs listed in the same advisory set) affects Oracle Java SE/OpenJDK/GraalVM Enterprise Edition components across multiple versions (e.g., 8u361, 11.0.18, 17.0.6, 20.x; Swing, Hotspot, JSSE, Libraries). The issue set comprises several distinct weaknesses (e.g., TLS han...
CVE-2021-2021
CVE-2021-2021 affects Oracle MySQL Server (MySQL: Server: Optimizer) with affected versions 8.0.22 and earlier. It is described as an easily exploitable vulnerability allowing a high-privilege attacker with network access via multiple protocols to cause a hang or complete DoS on MySQL Server. The...
CVE-2019-11068
CVE-2019-11068 affects libxslt up to 1.1.33. The vulnerability arises because xsltCheckRead/xsltCheckWrite can permit access even after a -1 error, enabling protection bypass. According to the linked advisories, this vulnerability has a CVSSv3 base score of 9.8 (NETWORK, LOW attack complexity, NO...
CVE-2023-22049
CVE-2023-22049 affects Oracle Java SE and related GraalVM variants (Libraries component; and others listed) with affected versions including Oracle Java SE 8u371/8u371-perf/11.0.19/17.0.7/20.0.1; Oracle GraalVM Enterprise Edition and GraalVM for JDK versions. Exploitation is described as difficul...
CVE-2021-2032
CVE-2021-2032 affects Oracle MySQL Server (component: Information Schema). Affected versions: 5.7.32 and prior, 8.0.22 and prior. A low-privilege, network-accessible attacker via multiple protocols can read a subset of MySQL data. CVSS v3.1 base score 4.3 (C:L/I:N/A:N). No exploitation details or...
CVE-2024-21011
CVE-2024-21011 affects Oracle Java SE platforms (Hotspot) and Oracle GraalVM for JDK/Enterprise Edition. Affected versions include Java SE: 8u401, 11.0.22, 17.0.10, 21.0.2, 22; GraalVM for JDK: 17.0.10, 21.0.2, 22; GraalVM EE: 20.3.13, 21.3.9. The vulnerability is exploitable over a network by un...
CVE-2023-21939
CVE-2023-21939 affects Oracle Java SE and GraalVM Enterprise Edition Swing component across several versions (e.g., Java 8u361, 11.0.18, 17.0.6, 20; GraalVM EE 20.3.9/21.3.5/22.3.1). It is an easily exploitable, unauthenticated remote issue over HTTP that can lead to unauthorized update/insert/de...
CVE-2023-21968
CVE-2023-21968 affects Oracle Java SE and GraalVM when using the Libraries component (and related entries list Swing/JSSE/Hotspot among affected subsystems) for multiple Java versions (e.g., 8u361, 11.0.18, 17.0.6, 20; GraalVM EE 20.3.9/21.3.5/22.3.1). The vulnerability is exploitable over the ne...
CVE-2020-14556
CVE-2020-14556 and related CVEs (e.g., 14577, 14578, 14579, 14581, 14583, 14593, 14621, 14664) pertain to Oracle Java SE/OpenJDK/OpenJDK-derived runtimes across multiple components (Libraries, JSSE, 2D, JAXP, JavaFX, etc.). The primary 2020 issue affects Java SE and Java SE Embedded on various ve...
CVE-2023-21938
CVE-2023-21938 affects Oracle Java SE (Libraries, Swing, JSSE, Hotspot, JavaFX) and Oracle GraalVM Enterprise Edition across multiple components. Affected versions include Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4, 22.3.0. The vulner...
CVE-2021-21341
CVE-2021-21341 affects the XStream Java library (unmarshalling) prior to 1.4.16. The vulnerability enables a remote attacker to cause a denial-of-service by consuming 100% CPU time via manipulated input streams. Impact is described as CPU denial of service; no user impact if the recommended Secur...
CVE-2023-22115
CVE-2023-22115 affects Oracle MySQL Server (Server: DML). Affected: MySQL 8.0.33 and earlier. Exploitation could allow a high-privilege attacker with network access to cause a hang or crash (DoS). Remediation: upgrade to a fixed version; for some distributions this issue is addressed by upgrading...