Lucene search
K
NetappOncommand Insight

971 matches found

CVE
CVE
added 2022/01/19 11:23 a.m.381 views

CVE-2022-21305

CVE-2022-21305 is present across multiple Oracle Java SE and GraalVM Enterprise Edition components (Hotspot, Serialization, JAXP, ImageIO, Libraries, 2D/3D) affecting Java versions 7u321, 8u311, 11.0.13, 17.0.1 (and GraalVM EE 20.3.4/21.3.0). Public advisories describe unauthenticated network-bas...

5.3CVSS4.7AI score0.02755EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.380 views

CVE-2020-2627

CVE-2020-2627 affects MySQL Server (Oracle MySQL), specifically the Parser component in MySQL 8.0.18 and earlier. The vulnerability is described as easily exploitable with network access via multiple protocols, potentially causing the MySQL Server to hang or crash (complete DOS) via the Parser. C...

6.5CVSS6.2AI score0.02055EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.380 views

CVE-2020-2903

CVE-2020-2903 affects Oracle MySQL Server (Server: Connection Handling). Affected: MySQL 8.0.19 and earlier. Exploitation requires network access and a high-privilege attacker can cause a hang or crash (DoS) via multiple protocols. CVSS v3 base 4.9 (A: High). Remediation: upgrade to a fixed relea...

4.9CVSS4.8AI score0.02199EPSS
CVE
CVE
added 2021/04/22 9:54 p.m.380 views

CVE-2021-2298

CVE-2021-2298 affects Oracle MySQL Server, component Server: Optimizer, with affected versions 8.0.23 and earlier. It is a network-exploitable issue where a low-privileged attacker can cause a hang or frequent crash (DoS). Evidence across sources confirms the vulnerability details and the potenti...

6.5CVSS6.2AI score0.01487EPSS
CVE
CVE
added 2021/05/05 3:30 p.m.380 views

CVE-2021-29489

Highcharts JS (charting library) versions 8 and earlier are vulnerable to cross-site scripting due to inadequate filtering of the chart options structure for XSS vectors. The vulnerability can allow execution of untrusted script in the end user’s browser if the configuration contains malicious in...

7.6CVSS5.5AI score0.00867EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.380 views

CVE-2024-21047

CVE-2024-21047 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.36 and earlier and 8.3.0 and earlier. It enables a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DOS). Several sources (NVD/NASL references via Tenable/TSSA advisories) co...

4.9CVSS4.8AI score0.00928EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.379 views

CVE-2020-14553

CVE-2020-14553 affects Oracle MySQL Server (Server: Pluggable Auth) with versions 5.7.30 and prior and 8.0.20 and prior. The vulnerability allows a low-privilege, network-accessible attacker to perform unauthorized updates to MySQL data (I:LOW, A:N) via multiple protocols. Public sources confirm ...

4.3CVSS4.1AI score0.01956EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.379 views

CVE-2020-14828

CVE-2020-14828 affects Oracle MySQL Server (Server: DML) and is detailed in related documents as affecting MySQL 8.0.21 and earlier. The vulnerability is described as easily exploitable, allowing a high-privilege attacker with network access via multiple protocols to take over the MySQL Server, w...

7.2CVSS6.8AI score0.01873EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.379 views

CVE-2021-2179

CVE-2021-2179 affects Oracle MySQL Server (component: Server: Group Replication Plugin). Affected versions include MySQL 5.7.33 and earlier and 8.0.23 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent crash (DoS...

4.9CVSS4.9AI score0.02043EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.378 views

CVE-2019-2991

CVE-2019-2991: A vulnerability in Oracle MySQL Server (Server: Optimizer) affects MySQL 8.0.x

5.5CVSS5.3AI score0.02466EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.378 views

CVE-2019-3011

CVE-2019-3011 affects Oracle MySQL Server (Server: C API). Affected versions are 8.0.17 and prior; attacker with network access via multiple protocols can cause MySQL Server to hang or crash (DoS). Multiple connected advisories reference this CVE within the MySQL 8.0 stack (InnoDB/C API/Parser/et...

6.5CVSS6.1AI score0.02653EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.378 views

CVE-2020-2601

CVE-2020-2601 affects Oracle Java SE and Java SE Embedded Security components. Affected Java SE: 7u241, 8u231, 11.0.5, 13.0.1; Java SE Embedded: 8u231. Root cause is a Kerberos-related issue that can be exploited by an unauthenticated attacker with network access, potentially allowing access to s...

6.8CVSS6.7AI score0.04196EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.378 views

CVE-2020-2755

CVE-2020-2755 is reported in the Oracle Java SE scripting component affecting Java SE 8u241, 11.0.6 and 14 (and Java SE Embedded 8u241). The vulnerability allows an unauthenticated attacker with network access to cause a partial denial of service in Java SE/Java SE Embedded. The CVSS base score i...

4.3CVSS4.2AI score0.03899EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.378 views

CVE-2021-2164

CVE-2021-2164 affects Oracle MySQL Server (Server: Optimizer) with affected versions up to 8.0.23. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or a repeatable crash (DoS). Connected advisories indicate a fix is available in later M...

4.9CVSS4.9AI score0.02072EPSS
CVE
CVE
added 2021/04/22 9:54 p.m.378 views

CVE-2021-2301

CVE-2021-2301 affects Oracle MySQL Server (component: Server: Information Schema). Public records show affected versions up to 8.0.23. The vulnerability allows a high-privilege attacker with network access via multiple protocols to obtain unauthorized read access from the Information Schema data....

4CVSS3.1AI score0.01012EPSS
CVE
CVE
added 2021/04/22 9:54 p.m.378 views

CVE-2021-2304

CVE-2021-2304 affects Oracle MySQL Server (Server: Stored Procedure) in MySQL 8.0.23 and earlier. The underlying issue enables a high-privilege attacker, over network via multiple protocols, to cause a hang or crash (DoS) and to perform unauthorized updates/deletes on accessible data. Patches exi...

5.5CVSS5.5AI score0.01156EPSS
CVE
CVE
added 2021/04/22 9:54 p.m.378 views

CVE-2021-2305

CVE-2021-2305 affects Oracle MySQL Server (component: Server: DML) and impacts users running MySQL Server 8.0.23 and earlier. The vulnerability arises in the Server: DML area and can be exploited by a high-privilege attacker with network access via multiple protocols, potentially allowing the att...

4.9CVSS4.9AI score0.01188EPSS
CVE
CVE
added 2021/04/22 9:54 p.m.378 views

CVE-2021-2308

CVE-2021-2308 affects Oracle MySQL Server, component Server: Information Schema. Affected: MySQL 8.0.23 and earlier. Vulnerability allows a high-privilege attacker with network access via multiple protocols to read a subset of MySQL Server data. CVSSv3.1 base score 2.7 (LOW); vector: AV:N/AC:L/PR...

4CVSS3.1AI score0.00955EPSS
CVE
CVE
added 2022/02/24 12:0 a.m.378 views

CVE-2022-21824

CVE-2022-21824 is a prototype pollution vulnerability in Node.js linked to console.table properties. It affects Node.js prior to patched releases and can be triggered when user-controlled data is passed as the first parameter with a plain object containing an own property such as proto . Public a...

8.2CVSS8.1AI score0.21514EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.377 views

CVE-2019-2967

CVE-2019-2967 is a vulnerability in Oracle MySQL Server (Server: Optimizer) affecting 8.0.17 and older. An attacker with low privileges and network access via multiple protocols can exploit it to cause a hang or crash (DoS). The exploit details and CVSS context are reflected across multiple advis...

6.5CVSS6.1AI score0.02653EPSS
CVE
CVE
added 2020/01/15 4:34 p.m.377 views

CVE-2020-2660

CVE-2020-2660 affects Oracle MySQL's MySQL Server (component: Server: Optimizer). The cited description indicates an easily exploitable, network-accessible vulnerability allowing a high-privilege attacker to cause a hang or a frequent crash (complete DOS) of MySQL Server. Affected versions are 5....

4.9CVSS4.8AI score0.01878EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.377 views

CVE-2020-2762

CVE-2020-2762 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.19 and earlier. The root cause is within the InnoDB component, enabling a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) on the MySQL Server. Impact is Availability (...

4.9CVSS4.8AI score0.02522EPSS
CVE
CVE
added 2022/04/19 8:38 p.m.377 views

CVE-2022-21496

CVE-2022-21496 affects Oracle Java SE and Oracle GraalVM Enterprise Edition across multiple components (JNDI, JAXP, Libraries, Hotspot) with listed affected versions. The vulnerability enables network-accessible, unauthenticated attackers to modify or access data (integrity/availability impacts) ...

5.3CVSS5.3AI score0.02805EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.376 views

CVE-2020-14633

CVE-2020-14633 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.20 and earlier. The vulnerability enables a high-privileged attacker with network access via multiple protocols to perform unauthorized update/insert/delete on MySQL Server data. The connected advisories corroborate mu...

4CVSS3.4AI score0.01406EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.376 views

CVE-2020-14643

CVE-2020-14643 affects Oracle MySQL’s MySQL Server (component: Server: Security: Roles). The vulnerability targets MySQL Server versions 8.0.20 and earlier. An attacker with network access through multiple protocols and high privileges can exploit this issue to cause a hang or a frequently repeat...

5.5CVSS5.4AI score0.0215EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.376 views

CVE-2020-14829

CVE-2020-14829 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.21 and earlier. The flaw allows a high-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (complete DoS) of MySQL Server. CVSS v3.1 base score is 4.9 (Availability impact)...

6.8CVSS5.1AI score0.01945EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.376 views

CVE-2020-2761

CVE-2020-2761 affects Oracle MySQL Server (Server: Security: Privileges) in MySQL 8.0.18 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause a hang or crash (DoS). Remediation is to upgrade MySQL to a version where the fix is included (per A...

4.9CVSS4.9AI score0.02001EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.376 views

CVE-2020-2805

CVE-2020-2805 is an OpenJDK/OpenJDK Libraries issue. The connected Chainguard entry states the flaw resides in the readObject() method of the MethodType class within the Libraries component of OpenJDK, which can allow an untrusted Java applet or application to bypass Java sandbox restrictions. Th...

8.3CVSS8.2AI score0.04051EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.376 views

CVE-2021-2196

CVE-2021-2196 affects Oracle MySQL Server (component: Server: DML). Affected versions: 8.0.23 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or frequent crash (DoS). No exploitation details are provided in the documents. Remediation status...

4.9CVSS4.9AI score0.02043EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.376 views

CVE-2021-2278

CVE-2021-2278 affects Oracle MySQL Server, component Server: Optimizer. Affected: MySQL 8.0.23 and prior. An attacker with high privileges and network access via multiple protocols can trigger a hang or crash of MySQL Server (complete DoS). Documents corroborate impact as a denial of service with...

4.9CVSS4.9AI score0.01338EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.375 views

CVE-2019-3009

CVE-2019-3009 affects Oracle MySQL Server (Server: Connection). Affected versions are 8.0.17 and earlier. The root cause, as described in the public entry and corroborated by linked advisories, is a condition that enables a high-privilege attacker who can access the server over multiple protocols...

4.4CVSS4.4AI score0.02527EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.375 views

CVE-2020-14804

CVE-2020-14804 affects Oracle MySQL Server (component: Server: FTS). Affected versions: 8.0.21 and earlier. An attacker with high privileges, over the network via multiple protocols, can cause a hang or crash (DoS) in MySQL Server. Remediation in connected docs shows upgrading to MySQL 8.0.26 (an...

4.9CVSS5.1AI score0.01778EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.375 views

CVE-2020-14848

CVE-2020-14848 affects MySQL Server (Oracle MySQL), specifically the InnoDB component. Affected products/versions: MySQL 8.0.21 and earlier. Description from connected docs: an authenticated attacker with network access via multiple protocols can exploit this to trigger a hang or a frequently rep...

6.8CVSS5AI score0.02293EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.375 views

CVE-2020-2774

CVE-2020-2774 affects Oracle MySQL Server 8.0.18 and earlier, involving the Server: Security: Privileges area. A high-privilege attacker with network access via multiple protocols can cause a hang or frequent crash (DoS) of MySQL Server. The available connected documents confirm the vulnerability...

4.9CVSS4.9AI score0.02461EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.375 views

CVE-2020-2895

CVE-2020-2895 affects Oracle MySQL Server, InnoDB component. Affected: MySQL 8.0.19 and earlier. Vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. CVSS 3.0 base score 4.9 (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)...

4.9CVSS4.8AI score0.02433EPSS
CVE
CVE
added 2021/07/22 5:28 p.m.375 views

CVE-2021-36222

CVE-2021-36222 affects MIT Kerberos 5 (krb5) KDC: the ec_verify path in kdc/kdc_preauth_ec.c can trigger a NULL pointer dereference and daemon crash. The issue occurs in KDC processing for PA-ENCRYPTED-CHALLENGE data when not correctly handling a return value in certain situations, leading to a d...

7.5CVSS7.4AI score0.10276EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.374 views

CVE-2019-2960

CVE-2019-2960 refers to a vulnerability in Oracle MySQL Server (Server: Replication). Affected versions are MySQL 5.7.27 and prior and 8.0.17 and prior. The issue is exploitable with network access via multiple protocols by a high-privilege attacker and can lead to a hang or frequently repeatable...

4.9CVSS4.8AI score0.02593EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.374 views

CVE-2019-2963

CVE-2019-2963 affects Oracle MySQL Server (InnoDB). According to the supplied connected advisories, vulnerable versions are MySQL 8.0.17 and earlier. The vulnerability enables high-privilege, network-access attackers to cause the MySQL Server to hang or crash (denial of service). The documents do...

4.9CVSS4.8AI score0.02555EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.374 views

CVE-2019-3004

CVE-2019-3004 affects Oracle MySQL Server (component: Server: Parser). Affected: MySQL Server 8.0.17 and earlier. Description: a low-privilege, network-accessible attacker can cause a hang or as-needed crash (complete DOS) of MySQL Server via multiple protocols. Connected documents corroborate pr...

6.5CVSS6.1AI score0.02653EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.374 views

CVE-2021-2212

CVE-2021-2212 affects Oracle MySQL Server (Server: Optimizer) up to and including 8.0.23. The vulnerability exists in the optimizer component and, per sources, is exploitable by a high-privilege attacker who can reach the server over the network via multiple protocols, with the stated impact of a...

4.9CVSS4.9AI score0.01319EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.374 views

CVE-2021-35610

CVE-2021-35610 affects Oracle MySQL Server (component: Server: Optimizer) for MySQL versions 8.0.26 and earlier. The vulnerability can be triggered by a low-privileged user with network access over multiple protocols, potentially causing a hang or crash (DoS) and enabling unauthorized data update...

7.1CVSS6.6AI score0.02192EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.373 views

CVE-2019-2957

CVE-2019-2957 is a vulnerability in Oracle MySQL Server (Server: Security: Encryption) affecting MySQL 8.0.17 and earlier. The issue allows a highly privileged attacker who can reach the server over multiple network protocols to trigger a hang or crash (complete or frequent DOS) in MySQL Server. ...

4.9CVSS4.8AI score0.01789EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.373 views

CVE-2019-2993

CVE-2019-2993 is a vulnerability in Oracle MySQL’s MySQL Server, specifically the Server: C API component. Affected versions include MySQL 5.7.27 and earlier and 8.0.17 and earlier. The vulnerability is described as difficult to exploit but, if exploited by a low-privilege attacker with network a...

5.3CVSS5.2AI score0.02226EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.373 views

CVE-2020-14568

The CVE-2020-14568 issue affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.20 and earlier. The root cause involves InnoDB-related vulnerabilities that can allow a high-privileged attacker with network access to cause a hang or a frequent crash (complete DoS) of MySQL Server via mu...

4.9CVSS4.9AI score0.02419EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.373 views

CVE-2020-14624

CVE-2020-14624 is a MySQL Server vulnerability affecting the Server: JSON component. The available documents identify affected versions as 8.0.20 and prior, with exploitation requiring network access via multiple protocols. Successful attacks can cause the MySQL Server to hang or crash (complete ...

4.9CVSS4.9AI score0.02142EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.373 views

CVE-2020-14680

CVE-2020-14680 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected are MySQL Server versions 8.0.20 and earlier . The vulnerability is exploitable remotely via multiple protocols by a low-privilege attacker , resulting in a possible hang or crash (DENIAL OF SERVICE...

6.5CVSS6.2AI score0.02087EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.373 views

CVE-2020-14782

CVE-2020-14782 affects Oracle/OpenJDK Java SE/SE Embedded libraries (notably the Certificates processing) with affected versions including Java 7u271, 8u261, 11.0.8, 15 and Java SE Embedded 8u261. Connected advisory data confirms multiple vendors package updates across OpenJDK variants (e.g., ALA...

4.3CVSS3.8AI score0.02245EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.373 views

CVE-2021-2172

CVE-2021-2172 affects Oracle MySQL Server (Server: DML) for 8.0.23 and earlier. An attacker with network access via multiple protocols and low privileges can cause a hang or crash (DoS). CVSSv3.1 base score 6.5 (A: High). Remediation exists in newer MySQL 8.0 releases (e.g., Fedora/AlmaLinux advi...

6.5CVSS6.2AI score0.02093EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.373 views

CVE-2021-2201

CVE-2021-2201 affects Oracle MySQL Server (Server: Partition) and is described across multiple sources as affecting MySQL 8.0.23 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) in MySQL Server, with CVSS 3.1...

4.9CVSS4.9AI score0.01283EPSS
CVE
CVE
added 2022/01/19 11:22 a.m.373 views

CVE-2022-21248

CVE-2022-21248 affects Oracle Java SE and GraalVM Enterprise Edition via the Serialization component. Affected Oracle Java SE versions: 7u321, 8u311, 11.0.13, 17.0.1; GraalVM Enterprise Edition: 20.3.4 and 21.3.0. The vulnerability is exploitable over the network and allows an unauthenticated att...

4.3CVSS3.8AI score0.03763EPSS
Total number of security vulnerabilities971