Lucene search
K
NetappOncommand Insight

971 matches found

CVE
CVE
added 2020/07/15 5:34 p.m.429 views

CVE-2020-14577

CVE-2020-14577 is a TLS/JSSE-related issue in Oracle Java SE and Java SE Embedded (affecting Java 7u261, 8u251, 11.0.7 and 14.0.1; Embedded 8u251) enabling unauthenticated network access to read some data. Connected advisories show vendor-specific mitigations: for example, Amazon Linux ALAS advis...

4.3CVSS4.4AI score0.03284EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.429 views

CVE-2021-2019

CVE-2021-2019 concerns Oracle MySQL Server (Server: Security: Privileges). Affected versions: 8.0.19 and earlier. The vulnerability is exploitable by a highly privileged attacker who has network access via multiple protocols, enabling unauthorized read access to a subset of MySQL Server data. The...

4CVSS3AI score0.01618EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.429 views

CVE-2021-2024

CVE-2021-2024 affects Oracle MySQL Server (Server: Optimizer). Affects MySQL 8.0.22 and earlier. vulnerability allows a low-privileged, network‑authenticated attacker to cause a hang or repeatable crash (DoS) via multiple protocols, with availability impact described as high. No explicit root cau...

6.8CVSS6.2AI score0.0224EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.428 views

CVE-2018-2952

CVE-2018-2952 affects OpenJDK/OpenJDK-derived Java runtimes (Java SE 7/8 and JRockit) in the Concurrency component. The root cause is insufficient index validation in PatternSyntaxException getMessage(), enabling unauthenticated network-based exploitation that can cause a denial of service via me...

4.3CVSS4AI score0.04184EPSS
CVE
CVE
added 2024/01/16 9:41 p.m.428 views

CVE-2024-20952

CVE-2024-20952 affects Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition (Security component). Affected Oracle Java SE versions: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; GraalVM for JDK: 17.0.9, 21.0.1; GraalVM Enterprise Edition: 20.3.12, 21.3.8, 22.3.4. The initia...

7.4CVSS7.1AI score0.00918EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.426 views

CVE-2020-14798

CVE-2020-14798 is a vulnerability in Oracle Java SE Libraries affecting Java SE versions 7u271, 8u261, 11.0.8 and 15, and Java SE Embedded 8u261. Exploitation is possible over network with multiple protocols and does not require authentication, but requires user interaction. Impact described as p...

3.1CVSS3.4AI score0.02684EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.426 views

CVE-2020-2765

CVE-2020-2765 is a vulnerability in Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are MySQL 5.7.29 and earlier, and 8.0.19 and earlier. The issue can be exploited with network access via multiple protocols by a high-privilege attacker to cause a hang or a co...

4.9CVSS4.8AI score0.02513EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.426 views

CVE-2021-2009

CVE-2021-2009 concerns a vulnerability in Oracle MySQL Server, specifically in the Server: Security: Roles component. Affected versions are 8.0.19 and earlier. The description indicates that a high-privilege attacker who can reach the server over the network (via multiple protocols) could exploit...

6.8CVSS4.9AI score0.02359EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.426 views

CVE-2021-2012

CVE-2021-2012 affects Oracle MySQL Server (component: Server: Security: Privileges). Affected versions: 8.0.20 and earlier. An attacker with network access via multiple protocols and high privileges can exploit this to cause a hang or crash (high‑impact DoS) on MySQL Server. The document provides...

6.8CVSS4.8AI score0.02295EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.425 views

CVE-2021-2038

CVE-2021-2038 affects Oracle MySQL Server (Server: Components Services). Affected versions: 8.0.22 and earlier. Root cause: vulnerability in a server component allowing a high-privileged attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (complete DoS)....

6.3CVSS4.4AI score0.01722EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.425 views

CVE-2021-2056

CVE-2021-2056 affects Oracle MySQL Server (component: Server: DML). Affected: MySQL 8.0.22 and earlier. An attacker with network access via multiple protocols and who has high privileges can exploit to cause a hang or crash (complete DoS). CVSS v3.1 base score 4.4 (Availability). No exploit detai...

6.3CVSS4.4AI score0.01722EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.425 views

CVE-2021-2061

CVE-2021-2061 affects Oracle MySQL Server (Server: DDL). Affected: MySQL 8.0.22 and earlier. Attack scenario: a high-privileged attacker with network access via multiple protocols can trigger a hang or repetitive crash (DoS) of MySQL Server. Impact: availability loss (per CVSS v3.1 base 4.4). Roo...

6.3CVSS4.4AI score0.01714EPSS
CVE
CVE
added 2021/07/20 10:43 p.m.425 views

CVE-2021-2356

CVE-2021-2356 affects Oracle MySQL Server (Server: Replication) with affected versions 5.7.34 and prior and 8.0.25 and prior. A successful attempt can cause a hang or crash (DoS) and allow unauthorized update/insert/delete of some data. Affected advisories indicate fixes exist in newer MySQL buil...

5.9CVSS5.7AI score0.01879EPSS
CVE
CVE
added 2017/02/03 7:0 p.m.424 views

CVE-2016-10165

CVE-2016-10165 targets Little CMS (lcms2). The Type_MLU_Read function in cmstypes.c may trigger an out-of-bounds heap read when processing a crafted ICC profile, potentially allowing information disclosure or denial of service. Connected IBM advisories confirm the vulnerability details for produc...

7.1CVSS7.9AI score0.02772EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.424 views

CVE-2020-2654

CVE-2020-2654 affects Oracle Java SE Libraries in Java SE 7u241, 8u231, 11.0.5 and 13.0.1 (Java SE and Java SE Embedded) with the issue described as an unauthenticated network-access vulnerability that can cause a partial denial of service. The root cause is tied to the Libraries component (with ...

4.3CVSS4.5AI score0.03823EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.423 views

CVE-2020-14781

CVE-2020-14781 affects Oracle Java SE/SE Embedded (JNDI) with affected versions including Java SE 7u271, 8u261, 11.0.8, 15 and Java SE Embedded 8u261. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read a subset of Java SE/SE Embedded data. The ...

4.3CVSS3.5AI score0.02296EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.422 views

CVE-2020-2572

CVE-2020-2572 affects Oracle MySQL Server, specifically the Server: Audit Plugin. Affected versions: MySQL 5.7.28 and earlier, and 8.0.18 and earlier. Root cause: vulnerability in the Audit Plugin that can be exploited remotely by a high-privilege, unauthenticated attacker to potentially update/i...

4CVSS3.2AI score0.01305EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.422 views

CVE-2021-2076

CVE-2021-2076 affects Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.22 and earlier. An attacker with network access via multiple protocols and high privileges can cause the server to hang or crash (complete DoS). CVSS 3.1 base score 4.9 (AV:N/AC:L/PR:H/UI:N/S:U/C:N...

6.8CVSS4.9AI score0.02157EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.421 views

CVE-2021-2016

CVE-2021-2016 affects Oracle MySQL Server, specifically the Server: Optimizer. Affects MySQL 8.0.19 and earlier. An attacker with network access via multiple protocols and high privileges can trigger a hang or frequently repeatable crash (complete DoS) of MySQL Server. Root cause: vulnerability i...

6.8CVSS4.9AI score0.02145EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.421 views

CVE-2021-2031

CVE-2021-2031 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.22 and earlier. Condition: authenticated, high-privilege attacker with network access via multiple protocols. Impact: can hang or cause a frequently repeating crash (complete DoS) of MySQL Server. Base CVSS 3.1 sco...

6.8CVSS4.9AI score0.02157EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.421 views

CVE-2021-2081

CVE-2021-2081 affects Oracle MySQL Server (component: Server: Stored Procedure). Affected versions are 8.0.22 and earlier. The description states an easily exploitable vulnerability that allows a highly privileged attacker who can access the server over multiple network protocols to cause a hang ...

6.8CVSS4.9AI score0.0183EPSS
CVE
CVE
added 2021/03/22 11:40 p.m.421 views

CVE-2021-21345

CVE-2021-21345 affects the XStream Java library. Per connected sources, vulnerable versions are those before 1.4.16, where an attacker with sufficient rights can remotely execute commands on the host by manipulating the processed input stream. The issue is mitigated by upgrading to 1.4.16 or late...

9.9CVSS7.8AI score0.72324EPSS
CVE
CVE
added 2022/04/19 8:37 p.m.421 views

CVE-2022-21451

CVE-2022-21451 affects Oracle MySQL Server (InnoDB) for affected versions 5.7.37 and earlier, and 8.0.28 and earlier. The vulnerability can be exploited by a highly privileged attacker with network access via multiple protocols to cause a hang or frequent crashes (denial of service); exploitation...

4.4CVSS4.5AI score0.01266EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.420 views

CVE-2020-14581

CVE-2020-14581 affects Oracle Java SE/Java SE Embedded (component: 2D) with affected versions Java SE: 8u251, 11.0.7, 14.0.1 and Java SE Embedded: 8u251. The CVE is listed with a low overall base score (CVSS 3.1: 3.7) and confidentiality impact (C:L) and no impact on integrity/availability (I:N/A...

4.3CVSS4AI score0.03284EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.420 views

CVE-2023-22041

This CVE (CVE-2023-22041) affects Oracle Java SE and Oracle GraalVM products, including: Oracle Java SE 8u371-perf, 11.0.19, 17.0.7, 20.0.1; GraalVM Enterprise 20.3.10, 21.3.6, 22.3.2; GraalVM for JDK 17.0.7 and 20.0.1. The vulnerability is exploitable by an unauthenticated attacker with a login ...

5.1CVSS5.8AI score0.00483EPSS
CVE
CVE
added 2021/03/22 11:40 p.m.419 views

CVE-2021-21346

XStream (Java XML serialization library) has CVE-2021-21346 among a set of 2021-04x vulnerabilities. The issue affects XStream prior to 1.4.16 where processing input streams can lead to remote code execution or related impacts if exploitation occurs, with mitigations including enabling the Securi...

9.8CVSS8.3AI score0.76367EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.418 views

CVE-2020-2679

CVE-2020-2679 affects Oracle MySQL Server (Server: Optimizer). Affected versions are 8.0.18 and earlier. The vulnerability can be exploited via network to cause a hang or frequent crash (DoS) of MySQL Server, with attack potential described as high-privilege, remote. The attached connected adviso...

4.9CVSS4.9AI score0.01878EPSS
CVE
CVE
added 2024/01/16 9:41 p.m.418 views

CVE-2024-20926

CVE-2024-20926 affects Oracle Java SE and related GraalVM products (Scripting component). Affected versions include Oracle Java SE 8u391, 8u391-perf, 11.0.21; GraalVM for JDK 17.0.9; GraalVM Enterprise 20.3.12, 21.3.8, 22.3.4. The vulnerability allows an unauthenticated attacker with network acce...

5.9CVSS5.8AI score0.01026EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.417 views

CVE-2020-14803

CVE-2020-14803 affects Oracle Java SE Libraries in Java SE 11.0.8 and 15. The vulnerability allows an unauthenticated attacker over network to read a subset of Java SE data due to an issue in Libraries handling, per the CVSS base score 5.3 (CONF). Affected advisories across platforms corroborate ...

5.3CVSS4.4AI score0.03122EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.417 views

CVE-2020-2589

CVE-2020-2589 is a vulnerability in Oracle MySQL Server (InnoDB) affecting 5.7.28 and earlier and 8.0.17 and earlier. The issue can allow a high-privilege attacker with network access via multiple protocols to cause a hang or repeated crashes (complete DOS) of MySQL Server, with an availability i...

4.9CVSS4.8AI score0.01878EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.417 views

CVE-2021-2070

CVE-2021-2070 affects Oracle MySQL Server (Server: Optimizer). An attacker with network access via multiple protocols and high privileges could cause a hang or crash (DoS) in MySQL Server; affected versions include 8.0.22 and earlier. Public details in the connected documents confirm the vulnerab...

6.8CVSS4.9AI score0.02157EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.416 views

CVE-2018-3162

CVE-2018-3162 is a vulnerability in the MySQL Server component (subcomponent: InnoDB) affecting versions 5.7.23 and earlier and 8.0.12 and earlier. The CVE description states an attacker with network access can cause a hang or frequent crash (DoS). The connected F5 advisory notes remediation by u...

4.9CVSS5AI score0.03254EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.416 views

CVE-2021-2072

CVE-2021-2072 affects Oracle MySQL Server (Server: Stored Procedure). In the provided sources, affected versions are 8.0.22 and earlier. The vulnerability allows a high-privilege attacker who can reach the server over multiple network protocols to cause the MySQL Server to hang or crash (denial o...

6.8CVSS4.9AI score0.02157EPSS
CVE
CVE
added 2022/10/18 12:0 a.m.415 views

CVE-2022-21619

CVE-2022-21619 affects Oracle Java SE (Security) and Oracle GraalVM Enterprise Edition. Affected Java SE versions: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; GraalVM Enterprise Edition: 20.3.7, 21.3.3, 22.2.0. The vulnerability allows unauthenticated network access to compromise affected product...

3.7CVSS3.9AI score0.02376EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.414 views

CVE-2020-2803

CVE-2020-2803 affects OpenJDK (Libraries component, Java SE/OpenJDK). The connected document confirms a vulnerability in boundary checks of java.nio buffer classes that allows an untrusted Java applet/application to bypass Java sandbox restrictions. Affected versions align with the original descr...

8.3CVSS8.2AI score0.0623EPSS
CVE
CVE
added 2021/09/29 12:0 a.m.413 views

CVE-2021-22946

CVE-2021-22946 affects curl before 7.82.0 (and within 7.20.0–7.78.0 per description) where the --ssl-reqd option or CURLUSESSL controls could be bypassed if a server crafts a legitimate response, allowing curl to continue without TLS. Connected sources confirm this flaw exists across multiple eco...

7.5CVSS7.6AI score0.04224EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.412 views

CVE-2020-14779

CVE-2020-14779 affects Oracle Java SE SE/Embedded with Serialization and can enable an unauthenticated network-based attacker to cause partial denial of service. Affected versions include Java SE 7u271, 8u261, 11.0.8, 15 and Java SE Embedded 8u261; attack surface covers client and server deployme...

4.3CVSS3.7AI score0.03713EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.412 views

CVE-2020-2590

CVE-2020-2590 is an OpenJDK/Oracle Java SE vulnerability in the Security component (Kerberos interop) affecting Java SE and Java SE Embedded across multiple versions. Public descriptions indicate unauthenticated remote access via network and potential unauthorized data updates/deletes; CVSS 3.0 b...

4.3CVSS4.4AI score0.03085EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.412 views

CVE-2021-2002

CVE-2021-2002 affects the MySQL Server, specifically the replication server component. Affected are 8.0.22 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause a hang or a frequently repeatable crash (DoS) of MySQL Serve...

6.8CVSS4.9AI score0.02609EPSS
In wild
CVE
CVE
added 2023/10/17 9:3 p.m.412 views

CVE-2023-22113

CVE-2023-22113 affects Oracle MySQL Server (Server: Security: Encryption) and is applicable to MySQL 8.0.33 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to potentially read a subset of data, with the CVSS v3.1 base score of 2.7 (low im...

2.7CVSS3.4AI score0.00809EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.411 views

CVE-2020-2804

CVE-2020-2804 affects Oracle MySQL Server, component Server: Memcached . Affected versions include 5.6.47 and earlier, 5.7.29 and earlier, and 8.0.19 and earlier. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to cause a hang or crash (complete DOS...

5.9CVSS5.5AI score0.03306EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.410 views

CVE-2021-2171

CVE-2021-2171 affects Oracle MySQL Server (Server: Replication). Affected versions: MySQL 5.7.33 and earlier and 8.0.23 and earlier. The flaw allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DoS). The connected advisories indi...

4.4CVSS4.4AI score0.01803EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.410 views

CVE-2021-2226

CVE-2021-2226 affects Oracle MySQL Server (Server: Information Schema). Affected: MySQL 5.7.33 and older, 8.0.23 and older. Description in the provided docs notes an easily exploitable issue that could allow a high-privileged attacker with network access via multiple protocols to compromise data ...

4.9CVSS4.7AI score0.01388EPSS
CVE
CVE
added 2023/07/18 8:18 p.m.410 views

CVE-2023-22036

CVE-2023-22036 is described across the primary record as vulnerability in Oracle Java SE, GraalVM (Utility) with affected versions across Oracle Java SE 11.0.19, 17.0.7, 20.0.1 and GraalVM 20.3.10, 21.3.6, 22.3.2; attackable by unauthenticated network access via multiple protocols, potentially en...

3.7CVSS4.6AI score0.01108EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.408 views

CVE-2020-14576

CVE-2020-14576 affects Oracle MySQL Server (component: Server: UDF). Affected versions are MySQL 5.7.30 and earlier, and 8.0.20 and earlier. The vulnerability enables a low-privilege, network-access attacker to cause a hang or frequent crashes (complete DoS) via multiple protocols. The CVSS3.1 ba...

6.5CVSS6.2AI score0.02237EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.408 views

CVE-2021-2042

CVE-2021-2042 affects the MySQL Server component InnoDB in Oracle MySQL. Affected versions are 8.0.21 and earlier. The vulnerability is exploitable by a high-privilege attacker who has local access to the MySQL server, enabling unauthorized read access to a subset of MySQL data. The CVSS 3.1 Base...

2.3CVSS3.2AI score0.00445EPSS
CVE
CVE
added 2021/03/22 11:40 p.m.408 views

CVE-2021-21347

CVE-2021-21347 affects XStream Java library (pre-1.4.16). The vulnerability allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream, with high severity when not using a proper security framework. Guidance across sources indicates u...

9.8CVSS8.3AI score0.14301EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.407 views

CVE-2020-14775

CVE-2020-14775 affects Oracle MySQL Server InnoDB. Affects MySQL Server versions 5.7.31 and earlier and 8.0.21 and earlier; exploitation can cause the server to hang or crash (DoS) via network access across multiple protocols. Remediation in public advisories includes upgrading to fixed releases:...

6.5CVSS6.2AI score0.02426EPSS
CVE
CVE
added 2021/03/22 11:45 p.m.407 views

CVE-2021-21349

XStream (Java) before 1.4.16 is vulnerable to an input-stream manipulation flaw (CVE-2021-21349) that may allow a remote attacker to access data from internal resources not publicly available. The issue arises from processing the input stream during deserialization. A fix is available in XStream ...

8.6CVSS7.8AI score0.46826EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.407 views

CVE-2021-35561

CVE-2021-35561 affects Oracle Java SE/GraalVM Enterprise Edition across multiple components (e.g., Utility, Swing, ImageIO, Keytool, JSSE) with affected Java SE versions 7u311, 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. The vulnerability allows unauthenticated network access to cause partia...

5.3CVSS5.1AI score0.06468EPSS
Total number of security vulnerabilities971