971 matches found
CVE-2024-21085
CVE-2024-21085 is described across multiple sources as a low-severity issue affecting Oracle Java SE and GraalVM/OpenJDK components. Affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13, 21.3.9 (plus related OpenJDK/OpenJDK11 advisories). The vulnera...
CVE-2021-2020
CVE-2021-2020 concerns Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.20 and prior. The vulnerability can be exploited by a low-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash, resulting in a complete denial of service. ...
CVE-2021-2030
CVE-2021-2030 affects Oracle MySQL Server (component: Server: Optimizer). Affected are MySQL Server versions 8.0.21 and earlier. A remote, high-privilege attacker with network access via multiple protocols can cause a hang or complete DoS of MySQL Server. Oracle has released updates to fix these ...
CVE-2021-2230
CVE-2021-2230 affects the Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.23 and earlier . The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or crash in MySQL Server, i.e., a DoS ...
CVE-2020-2757
CVE-2020-2757 affects Oracle Java SE/SE Embedded (Serialization). Vulnerable: Java SE: 7u251, 8u241, 11.0.6, 14; SE Embedded: 8u241. Impact: unauthenticated network access leading to partial DoS on Java SE/SE Embedded. Root cause: serialization-related handling in the affected component; sandboxe...
CVE-2021-2065
CVE-2021-2065 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.22 and earlier. Attack requires high privileges and network access; an attacker can cause a hang or crash (complete DoS) in MySQL Server. Remediation: upgrade to a patched release (e.g., MySQL 8.0.26 or ...
CVE-2021-2340
CVE-2021-2340 affects Oracle MySQL Server, specifically the Memcached component, with vulnerable versions 8.0.25 and earlier. The issue can be exploited over the network via multiple protocols and may allow a high-privilege attacker to cause a partial denial of service on MySQL Server. Affected e...
CVE-2021-35603
CVE-2021-35603 is a TLS-related vulnerability in the JSSE component of Java SE and GraalVM Enterprise Edition. Affected: Java SE 7u311, 8u301, 11.0.12, 17; GraalVM EE 20.3.3 and 21.2.0. Description indicates an unauthenticated network attacker could read data from vulnerable Java deployments (e.g...
CVE-2019-2946
CVE-2019-2946 is a vulnerability in Oracle MySQL Server (component: Server: PS) affecting MySQL 5.7.27 and earlier and 8.0.17 and earlier. An attacker with network access and low privileges could cause a hang or crash (DoS) via multiple protocols. Public notices across advisories confirm affected...
CVE-2020-14697
CVE-2020-14697 affects Oracle MySQL MySQL Server (Server: Security: Privileges). Affected versions are 8.0.20 and earlier. The vulnerability is described as easily exploitable with network access via multiple protocols, allowing a high-privilege attacker to take over MySQL Server. Public referenc...
CVE-2020-2830
CVE-2020-2830 affects Oracle Java SE/Java SE Embedded (Concurrency component) with Java SE versions 7u251, 8u241, 11.0.6 and 14; Java SE Embedded 8u241. The vulnerability allows unauthenticated network-based exploitation via multiple protocols, potentially enabling partial denial of service on Ja...
CVE-2020-8174
CVE-2020-8174 is a Node.js vulnerability where napi_get_value_string_*() can trigger memory corruption in affected releases. Affected are Node.js runtimes prior to 10.21.0, 12.18.0, and prior to 14.4.0. Documented mitigations/include patches update Node.js to 10.21.0, 12.18.2, and 14.4.0 respecti...
CVE-2021-2122
CVE-2021-2122 affects Oracle MySQL Server (Server: DDL). Affected: MySQL 8.0.22 and earlier. Description in the CVE notes an easily exploitable vulnerability that, with network access via multiple protocols and a high-privilege attacker, can cause the MySQL Server to hang or crash (DoS). Connecte...
CVE-2019-2911
CVE-2019-2911 affects Oracle MySQL Server (Information Schema) and multiple affected versions (5.6.45 and prior; 5.7.27 and prior; 8.0.17 and prior). The vulnerability enables a high-privileged, network-accessible attacker via multiple protocols to read a subset of MySQL Server data. The initial ...
CVE-2021-35578
CVE-2021-35578 affects Java SE (JSSE) and Oracle GraalVM Enterprise Edition; vulnerable are Java SE 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. Attack requires network access via TLS to targeted APIs, with unauthenticated access and no user interaction, potentially enabling a partial denial ...
CVE-2021-2174
Summary: CVE-2021-2174 αφορά la base de datos Oracle MySQL, específicamente la seguridad de InnoDB en MySQL Server. Afecta versiones 5.7.33 y anteriores y 8.0.23 y anteriores. El fallo, descrito en varias fuentes, permite a un atacante con alto nivel de privilegios y acceso en red a través de múl...
CVE-2021-35588
CVE-2021-35588 is a vulnerability in Oracle Java SE and GraalVM Enterprise Edition (Hotspot component) affecting Java SE 7u311 and 8u301 and GraalVM Enterprise Edition 20.3.3/21.2.0. The issue allows an unauthenticated, network-accessible attacker to exploit multiple protocols after user interact...
CVE-2021-36090
CVE-2021-36090 affects Apache Commons Compress zip handling: reading a specially crafted ZIP can allocate excessive memory, causing an out-of-memory DoS. Supported details from IBM/AWS advisories point to a fix in Commons Compress (upgrade to 1.21+; e.g., Amazon Linux advisories list apache-commo...
CVE-2020-14567
CVE-2020-14567 affects MySQL Server (Replication) and can be exploited over the network by a high-privilege attacker to cause a complete DoS via hangs/crashes. Public sources in connected docs confirm the issue across multiple distributions and indicate patches exist; applying vendor advisories/u...
CVE-2020-2763
CVE-2020-2763 affects Oracle MySQL Server (Server: Replication). Affected: 5.6.47 and earlier, 5.7.29 and earlier, 8.0.19 and earlier. Exploitation via network by a high-privilege attacker can cause a hang or crash (DoS). CVSS v3.0 base 4.9 (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). The CVE entry not...
CVE-2020-2773
CVE-2020-2773 is a vulnerability in Oracle Java SE and Java SE Embedded (component: Security) that can be exploited remotely by unauthenticated attackers to cause a partial denial of service on affected Java runtimes. Affected versions include Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedde...
CVE-2020-2800
CVE-2020-2800 affects Oracle Java SE/Java SE Embedded, specifically the Lightweight HTTP Server component. Affected versions include Java SE 7u251, 8u241, 11.0.6, 14 and Java SE Embedded 8u241. The vulnerability can be exploited over a network with unauthenticated access via multiple protocols, p...
CVE-2021-1998
CVE-2021-1998 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.20 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to compromise MySQL Server, potentially allowing unauthorized update/in...
CVE-2021-2232
CVE-2021-2232 affects Oracle MySQL Server, specifically the Server: Group Replication Plugin . Affected are MySQL 8.0.23 and earlier . The initial sources describe a vulnerability that, when exploited by a high-privileged attacker with local access to the MySQL server host, can lead to a partial ...
CVE-2021-2372
CVE-2021-2372 affects Oracle MySQL Server (InnoDB) with vulnerable versions 5.7.34 and earlier and 8.0.25 and earlier. The flaw allows a high-privilege attacker with network access to cause a hang or frequent crash (DoS) of MySQL Server; CVSS 3.1 base score 4.4 (Availability). Connected documents...
CVE-2024-21140
CVE-2024-21140 affects Oracle Java SE and Oracle GraalVM products (Hotspot, 2D, Networking, Serialization, Concurrency). Affects multiple supported Java runtimes (e.g., Java SE 8u411/11.0.23/17.0.11/22.0.1; GraalVM JDK 17.0.11/21.0.3/22.0.1; GraalVM EE 20.3.14/21.3.10). Described as remotely expl...
CVE-2021-21350
CVE-2021-21350 affects the XStream Java library. Connected sources confirm that before version 1.4.16 XStream allowed remote code execution by manipulating the processed input stream, with guidance to enable a security whitelist and upgrade to at least 1.4.16. Debian security advisories (DSA-5004...
CVE-2021-2146
The CVE-2021-2146 entry describes a vulnerability in Oracle MySQL Server (component: Server: Options) affecting MySQL 5.7.33 and earlier and 8.0.23 and earlier. It allows a high‑privileged attacker with network access via multiple protocols to cause the server to hang or crash (DoS). Public advis...
CVE-2023-22078
CVE-2023-22078 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier, and 8.1.0. An attacker with network access via multiple protocols can trigger a hang or crash (DoS) on MySQL Server, exploiting the Optimizer component. The CVSS 3.1 base score is 4.9 (Availa...
CVE-2024-38808
The CVE-2024-38808 DoS in Spring Framework is triggered when an application evaluates user-supplied SpEL expressions in versions 5.3.0–5.3.38 and older unsupported releases. The vulnerability is due to how SpEL expressions may be crafted to exhaust resources, leading to denial of service. Several...
CVE-2021-2293
CVE-2021-2293 affects Oracle MySQL Server (Server: Stored Procedure). Affected versions: 8.0.23 and earlier. Exploitation is possible by a high-privilege attacker with network access via multiple protocols, potentially causing a hang or crash (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Avail...
CVE-2021-2354
CVE-2021-2354 affects Oracle MySQL Server (component: Server: Federated). Affected versions are 8.0.25 and earlier. The vulnerability can allow a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (complete DoS). Connected documents provi...
CVE-2020-14593
CVE-2020-14593 is a vulnerability in the 2D component of Oracle Java SE/SE Embedded. Affected: Java SE 7u261, 8u251, 11.0.7, 14.0.1; Java SE Embedded 8u251. Vulnerability type is unspecified in the provided sources, but exploitation is described as unauthenticated with network access via multiple...
CVE-2020-14672
The CVE-2020-14672 issue affects Oracle MySQL Server (Server: Stored Procedure) and impacts MySQL Server versions 5.6.49 and earlier, 5.7.31 and earlier, and 8.0.21 and earlier. It can be triggered by a network-accessible attacker to cause a hang or a frequent crash (DoS). The vulnerability arise...
CVE-2021-2339
CVE-2021-2339 affects Oracle MySQL Server (component: Server: DDL). Affected are MySQL 8.0.25 and earlier. The vulnerability can be exploited remotely by a high-privilege attacker with network access via multiple protocols to cause a hang or a frequent, repeatable crash (DoS). Some connected advi...
CVE-2022-21278
CVE-2022-21278 affects Oracle MySQL Server (Server: Optimizer). Public sources in connected documents describe a vulnerability due to improper input validation in the Server: Optimizer. Affected versions are 8.0.26 and earlier. Successful exploitation via network from a low-privilege, unauthentic...
CVE-2020-2686
CVE-2020-2686 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.18 and earlier. The vulnerability allows a low-privileged attacker with network access via multiple protocols to potentially cause a hang or a frequently repeating crash (complete DO...
CVE-2020-2853
Summary of CVE-2020-2853 (MySQL) : In Oracle MySQL Server, a vulnerability in the Server: Security: Privileges component affects 8.0.18 and earlier, enabling a highly privileged attacker with network access (via multiple protocols) to trigger a hang or crash of MySQL Server (denial of service). T...
CVE-2021-2169
CVE-2021-2169 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 5.7.33 and prior, and 8.0.23 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DoS). The CVSSv3.1 base...
CVE-2021-35624
CVE-2021-35624 affects Oracle MySQL Server (Server: Security: Privileges). Affected versions: MySQL 5.7.35 and earlier, and 8.0.26 and earlier. Description from the CVE entry: a high‑privileged attacker with network access via multiple protocols can compromise MySQL Server, potentially leading to...
CVE-2020-2577
CVE-2020-2577 affects Oracle MySQL Server: InnoDB is the vulnerable component. Affected versions are 5.7.28 and earlier, and 8.0.18 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Connected...
CVE-2020-2584
CVE-2020-2584 affects Oracle MySQL Server (component: Server: Options). Affected versions are 5.7.28 and prior, and 8.0.18 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise MySQL Server, potentially leading to unauthorized acces...
CVE-2020-2930
CVE-2020-2930 affects Oracle MySQL's MySQL Server, component Server: Parser. Affects 8.0.19 and earlier; exploitation can enable a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). Remediation referenced in a related package update is upgrading to ...
CVE-2021-2028
CVE-2021-2028 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.21 and earlier. Vulnerability details: a high-privilege attacker with network access via multiple protocols can cause a complete DoS by hanging or crashing the MySQL Server. This matches the initial vulnerability descri...
CVE-2021-2352
CVE-2021-2352 affects Oracle MySQL Server (component: Server: DDL). Affected versions: 8.0.25 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or crash of the MySQL Server, resulting in a denial of service. Remediation: upgrade to a fixed re...
CVE-2023-22092
CVE-2023-22092 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier. The vulnerability allows a high-privilege attacker with network access (via multiple protocols) to cause a complete DoS of MySQL Server. No exploit details are provided in the initial documen...
CVE-2020-14539
CVE-2020-14539 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and earlier. Exploitation can cause a hang or crash (DoS) with network access via multiple protocols. Cited connected advisories recommend upgrading to non-vu...
CVE-2020-14583
CVE-2020-14583 affects Oracle Java SE/Java SE Embedded (Libraries component). Affected: Java SE 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded 8u251. Exploitation requires network access with user interaction and can lead to takeover of Java SE/Embedded with high impact on confidentiality, int...
CVE-2020-14663
CVE-2020-14663 affects Oracle MySQL Server (component: Server: Security: Privileges). Affected: MySQL 8.0.20 and earlier. Root cause: privilege escalation through the Server security subsystem allowing a high-privilege attacker to compromise the MySQL Server over network via multiple protocols. I...
CVE-2020-2573
CVE-2020-2573 affects Oracle MySQL’s C API client. Affects: MySQL Client, versions 5.7.28 and earlier, and 8.0.18 and earlier. Root cause: a vulnerability in the C API that allows an unauthenticated, network-based attacker access via multiple protocols to cause a hang or frequent, repeatable cras...