971 matches found
CVE-2020-2573
CVE-2020-2573 affects Oracle MySQL’s C API client. Affects: MySQL Client, versions 5.7.28 and earlier, and 8.0.18 and earlier. Root cause: a vulnerability in the C API that allows an unauthenticated, network-based attacker access via multiple protocols to cause a hang or frequent, repeatable cras...
CVE-2020-2904
CVE-2020-2904 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions: 8.0.19 and earlier. The issue enables a high-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (complete DoS) of MySQL Server. The connected sources indicate ...
CVE-2020-14852
CVE-2020-14852 affects Oracle MySQL Server (Server: Charsets) and
CVE-2023-22112
CVE-2023-22112 concerns Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.34 and earlier. Exploitation requires remote authentication with network access; impact is availability: attacker can cause hang or complete DoS via multiple protocols. Several connected advisories (Debian, AlmaL...
CVE-2020-2781
CVE-2020-2781 concerns Oracle/OpenJDK Java SE JSSE vulnerability that allows unauthenticated network access to degrade availability in Java SE and Java SE Embedded (client/server deployment). The Chainguard data confirms affected OpenJDK JSSE components and versions, aligning with the CVE descrip...
CVE-2021-2058
CVE-2021-2058 affects Oracle MySQL Server (component: Server: Locking) with affected versions 8.0.22 and earlier. The vulnerability allows a high-privileged attacker who can access the server over the network via multiple protocols to cause a hang or frequently repeatable crash (DoS) of MySQL Ser...
CVE-2020-14830
CVE-2020-14830 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.21 and earlier. Description across sources: low-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or frequently crash (complete DoS). The connected documents confirm ...
CVE-2021-2202
CVE-2021-2202 affects Oracle MySQL Server (Server: Replication). Affected: MySQL 5.7.32 and earlier; 8.0.22 and earlier. Exploitation by a low-privileged, network-authenticated attacker via multiple protocols can cause a hang or repeated crash (DoS) of MySQL Server (CVSS v3.1 base 6.5, Availabili...
CVE-2020-14777
Oracle MySQL Server vulnerability CVE-2020-14777 affects the Server: Optimizer in MySQL 8.0.21 and earlier. An attacker with network access via multiple protocols and high privileges can cause the server to hang or crash (DoS). Affected product/version details are supported in connected documents...
CVE-2021-21348
XStream (Java) before version 1.4.16 is vulnerable to a denial of service where a remote attacker can cause a thread to consume maximum CPU time and not return. Public documents consistently describe the issue as affecting XStream’s XML deserialization, with mitigation requiring upgrading to at l...
CVE-2019-2914
CVE-2019-2914 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected versions: 5.7.27 and prior, 8.0.17 and prior. Exploitation requires low privileges and network access; can result in a hang or complete DoS of MySQL Server (A: HIGH). CVSS 3.0 base score 6.5 (Availabilit...
CVE-2020-14796
CVE-2020-14796 affects the Libraries component in Oracle Java SE/Java SE Embedded across multiple OpenJDK builds (e.g., Java-7u271? Java-8u261? Java-11.0.8? Java-15; Embedded 8u261). The vulnerability can be exploited by an unauthenticated attacker over network protocols, but exploitation require...
CVE-2020-14867
CVE-2020-14867 affects Oracle MySQL Server (Server: DDL). Affected versions are 5.6.49 and earlier, 5.7.31 and earlier, and 8.0.21 and earlier. The vulnerability can be exploited by a highly privileged attacker with network access via multiple protocols to cause the MySQL Server to hang or crash ...
CVE-2020-2756
CVE-2020-2756 affects Oracle Java SE/Java SE Embedded (component: Serialization). Affected: Java SE 7u251, 8u241, 11.0.6, 14; Java SE Embedded 8u241. An unauthenticated, network-exposed attacker can exploit to cause a partial Denial of Service. Connected advisories show remediation via updating t...
CVE-2020-2898
CVE-2020-2898 affects Oracle MySQL Server, specifically the Server: Charsets component in version 8.0.19. The vulnerability can allow a high-privilege attacker with network access to cause a hang or crash (DoS) of MySQL Server. Connected sources corroborate the issue as a denial-of-service-type v...
CVE-2021-35567
CVE-2021-35567 affects Oracle Java SE and GraalVM Enterprise Edition libraries; root cause is incorrect principal selection when Kerberos Constrained Delegation is used. Affected: Java SE 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0 (Libraries component). Impact includes potential unauthorized...
CVE-2020-14540
CVE-2020-14540 affects Oracle MySQL Server (Server: DML). Affected: MySQL 5.7.30 and earlier and 8.0.20 and earlier. Exploitation can allow a high-privilege attacker with network access via multiple protocols to cause a denial of service (hang or crash). Remediation in public advisories: upgrade ...
CVE-2020-14559
CVE-2020-14559 affects Oracle MySQL Server, specifically the Server: Information Schema component. Affected: MySQL Server versions 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and earlier. The vulnerability allows a low-privilege, network-accessible attacker to read a subset of data from My...
CVE-2020-14678
CVE-2020-14678 affects the MySQL Server component “Server: Security: Privileges” in Oracle MySQL. Affected versions are 8.0.20 and prior. The exploit requires network access via multiple protocols and a high-privilege attacker can compromise and take over the MySQL Server. Public advisories align...
CVE-2020-14773
CVE-2020-14773 affects Oracle MySQL Server (Server: Optimizer). Affected versions: 8.0.21 and earlier. An attacker with high privileges and network access via multiple protocols can trigger a hang or crash (DoS) of MySQL Server. The entry does not describe specific exploit vectors or affected con...
CVE-2020-14790
Oracle MySQL Server (Server: PS) is affected in 5.7.31 and earlier and 8.0.21 and earlier. An attacker with network access via multiple protocols can exploit this to cause the server to hang or crash (DoS). Public details show suggested fixes via upgrading to newer MySQL versions (e.g., MySQL 8.0...
CVE-2020-2583
CVE-2020-2583 affects OpenJDK/OpenJDK-derived packages across multiple vendors and OSes, with the Serialization component (and related areas) being impacted. Public advisories in Debian (DLA-2128-1) and CentOS/Red Hat family outline affected versions such as Java 7u241/8u231/11.0.5/13.0.1 (and em...
CVE-2020-2893
CVE-2020-2893 is an Oracle MySQL InnoDB vulnerability affecting 8.0.19 and earlier. An attacker with network access and high privileges can cause a hang or crash (denial of service) via multiple protocols. Connected sources enumerate this issue under MySQL Server/InnoDB and corroborate the 4.9 CV...
CVE-2021-2217
CVE-2021-2217 affects Oracle MySQL Server (component: Server: Stored Procedure) with vulnerable versions 8.0.23 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause a hang or crash (Denial of Service) of MySQL Server (CVSS v3.1 base 4.9). Pub...
CVE-2024-21012
The CVE-2024-21012 entry concerns Oracle Java SE and Oracle GraalVM variants (JDK and Enterprise Edition) with a Networking component vulnerability. Affected products/versions include Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; GraalVM for JDK: 17.0.10, 21.0.2, 22; GraalVM Enterprise Edition: 2...
CVE-2020-14579
CVE-2020-14579 affects Oracle Java SE/Embedded (Libraries component) with affected Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. The connected advisories confirm network-remote, unauthenticated access leading to a partial denial of service via multiple protocols, per CVSS 3.1 Base Score 3.7 ...
CVE-2020-14619
CVE-2020-14619 affects Oracle MySQL Server 8.0.20 and earlier, due to a vulnerability in Server: Parser that can cause a denial of service. Exploitation could lead to a hang or frequent crash. Remediation is to upgrade to a newer MySQL 8.0 release; distros list fixes (e.g., Gentoo: >=8.0.24, A...
CVE-2020-14792
CVE-2020-14792 is an Oracle Java OpenJDK vulnerability affecting Java SE and Embedded runtimes (Hotspot/Libraries components) with the root issue described as “Better range handling.” Affected versions include Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. The connected advisories...
CVE-2020-14837
CVE-2020-14837 affects Oracle MySQL Server 8.0.21 and earlier, specifically the Server: Optimizer component. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (DoS). CVSS 3.1 base score is 4.9 (Availability). Affected v...
CVE-2020-2897
CVE-2020-2897 affects Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.19 and earlier. The vulnerability enables a high-privilege attacker who can reach the server over multiple network protocols to cause a hang or frequent crash (denial of service) of MySQL Server. T...
CVE-2021-2055
CVE-2021-2055 affects the MySQL Server (Oracle) with the Server: Optimizer component, affecting 8.0.21 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (DoS) of MySQL Server, with CVSS v3.1 b...
CVE-2020-14769
CVE-2020-14769 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 5.6.49 and prior, 5.7.31 and prior, 8.0.21 and prior. The vulnerability in the Optimizer can be exploited by a low-privilege, network-contact attacker to cause the server to hang or crash (DoS). CVSSv3.1 base score 6....
CVE-2021-2160
CVE-2021-2160 affects Oracle MySQL Server (Server: Optimizer). Affects MySQL 5.7.30 and earlier, and 8.0.17 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause the server to hang/crash (DoS). The vulnerability details and CVSS indicate avail...
CVE-2021-2193
CVE-2021-2193 affects Oracle MySQL Server (component: Server: Optimizer). Vulnerable in MySQL 8.0.23 and earlier. Root cause described as an easily exploitable feature/condition enabling a high-privileged attacker with network access (via multiple protocols) to cause a hang or frequently repeatab...
CVE-2021-2208
CVE-2021-2208 affects Oracle MySQL Server (Server: Partition) with affected versions 8.0.23 and earlier. The vulnerability can be exploited by an authenticated, high-privilege attacker over network via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Connected sources confirm th...
CVE-2020-14794
CVE-2020-14794 affects Oracle MySQL Server 8.0.21 and earlier (Server: Optimizer). The vulnerability can cause the server to hang or crash, enabling a high-privilege attacker with network access to trigger a complete DoS. Public sources in the connected set corroborate the issue and identify the ...
CVE-2020-2588
CVE-2020-2588 is a MySQL Server vulnerability (Oracle MySQL) in the Server: DML component. Affected products/versions shown in the sources are MySQL 8.0.18 and earlier. The issue is exploitable by a high-privilege attacker with network access via multiple protocols, and successful exploitation ca...
CVE-2020-2896
CVE-2020-2896 affects the MySQL Server (Oracle MySQL), specifically the Server: Information Schema component. Affected are 8.0.19 and earlier. The vulnerability allows a high-privilege attacker who has network access via multiple protocols to cause the MySQL Server to hang or crash (complete deni...
CVE-2020-2924
CVE-2020-2924 affects Oracle MySQL Server (component: Server: Optimizer) with vulnerable versions 8.0.19 and earlier. The issue can be exploited by a highly privileged attacker over the network via multiple protocols to cause a hang or crash of MySQL Server (complete DoS). The provided documents ...
CVE-2021-2215
CVE-2021-2215 affects Oracle MySQL Server (Server: Stored Procedure) with affected versions 8.0.23 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause a hang or a repeatable crash (DoS) of MySQL Server. The CVSS 3.1 bas...
CVE-2021-35556
CVE-2021-35556 is a vulnerability in the Swing component of Java SE (and related GraalVM Enterprise Edition versions) affecting Java SE 7u311, 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. An unauthenticated attacker with network access via multiple protocols can potentially exploit this to ca...
CVE-2020-14785
CVE-2020-14785 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions up to 8.0.21 and earlier. The issue allows a high-privilege attacker who can reach the server over multiple network protocols to cause the MySQL Server to hang or crash, producing a denial of service. Practica...
CVE-2020-2604
CVE-2020-2604 affects Oracle Java SE/Java SE Embedded Serialization. Affected: Java SE 7u241, 8u231, 11.0.5, 13.0.1; Java SE Embedded 8u231. Described impact: unauthenticated, network-based attacker can take over the Java environment; high confidentiality, integrity, and availability impact (CVSS...
CVE-2020-2923
CVE-2020-2923 affects Oracle MySQL Server, component Server: Optimizer, with affected versions 8.0.19 and earlier. The vulnerability allows a high-privileged attacker who can access the service over network through multiple protocols to cause a hang or crash (Denial of Service). The connected Alm...
CVE-2021-2006
CVE-2021-2006 affects Oracle MySQL Client (C API). Affected: MySQL Client, version 8.0.19 and prior. Condition: low-privilege attacker with network access via multiple protocols. Impact: can cause a hang or crash of the MySQL Client (complete DoS) as described in the CVE. Exploitation details are...
CVE-2021-2178
CVE-2021-2178 affects Oracle MySQL Server (Server: Replication). Affected versions: MySQL 5.7.32 and earlier, and 8.0.22 and earlier. The vulnerability is exploitable by a low-privileged attacker with network access via multiple protocols, potentially causing a hang or a frequently repeatable cra...
CVE-2024-21047
CVE-2024-21047 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.36 and earlier and 8.3.0 and earlier. It enables a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DOS). Several sources (NVD/NASL references via Tenable/TSSA advisories) co...
CVE-2024-21094
CVE-2024-21094 affects Oracle Java SE Hotspot and Oracle GraalVM variants, with affected versions including Java SE 8u401/11.0.22/17.0.10/21.0.2/22 and GraalVM JDK 17.0.10/21.0.2/22, and GraalVM Enterprise 20.3.13/21.3.9. The vulnerability can be exploited remotely via multiple protocols to allow...
CVE-2019-3018
CVE-2019-3018 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.17 and earlier. The vulnerability allows a high-privilege attacker who can reach the server over multiple protocols to cause a hang or a frequently repeatable crash (complete DOS) of MySQL Server. Root cause is tied to ...
CVE-2020-14547
CVE-2020-14547 affects Oracle MySQL Server, component Server: Optimizer. Affected versions include MySQL 5.7.30 and earlier and 8.0.20 and earlier. The vulnerability permits network-accessed exploitation by a high-privileged attacker to cause a hang or frequent, repeatable crashes (DOS) of MySQL ...