971 matches found
CVE-2020-14793
CVE-2020-14793 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 5.6.49 and earlier, 5.7.31 and earlier, 8.0.21 and earlier. Exploitation requires network access, potentially via multiple protocols, with high privileges to cause a hang or crash (DoS). Connected advisories confirm m...
CVE-2020-2925
CVE-2020-2925 affects Oracle MySQL Server, component Server: PS, with affected versions 8.0.19 and earlier. The connected sources confirm a high-privilege, network-accessible attacker could cause a hang or frequent crash (DoS) of MySQL Server. No exploit details are provided in the documents. A r...
CVE-2021-35586
CVE-2021-35586 is a vulnerability in Oracle Java SE (Java SE component: ImageIO) and Oracle GraalVM Enterprise Edition (affected versions: Java SE 7u311, 8u301, 11.0.12, 17; GraalVM EE: 20.3.3, 21.2.0) that enables an unauthenticated attacker with network access via multiple protocols to cause a ...
CVE-2018-2562
CVE-2018-2562 affects the MySQL Server component (Partition subcomponent) of Oracle MySQL. Affected versions include 5.5.58 and earlier, 5.6.38 and earlier, and 5.7.19 and earlier. The vulnerability allows a low-privileged, network-attacker with access via multiple protocols to cause a hang or cr...
CVE-2020-14632
CVE-2020-14632 concerns the MySQL Server component “Server: Options.” The vulnerability affects MySQL 8.0.x (8.0.20 and earlier) and can be exploited remotely with high privileges to cause a hang or crash of MySQL Server (DoS) via multiple network protocols. Connected advisories ( MiracleLinux AX...
CVE-2021-35564
CVE-2021-35564 affects Java SE (Keytool) and Oracle GraalVM Enterprise Edition, with affected Java SE versions 7u311, 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. The vulnerability is exploitable remotely with unauthenticated network access and can lead to unauthorized updates/insertions/dele...
CVE-2021-35604
CVE-2021-35604 affects Oracle MySQL Server (InnoDB). Affected versions: MySQL 5.7.35 and earlier, and 8.0.26 and earlier. The vulnerability enables a high-privilege attacker with network access (via multiple protocols) to cause a hang or a repeatable crash (DoS) and may allow unauthorized updates...
CVE-2019-2998
CVE-2019-2998 affects Oracle MySQL Server, component Server: Optimizer. Affected versions are 8.0.17 and prior. An attacker with network access via multiple protocols and high privileges can cause a hang or complete DoS of MySQL Server. The connected advisories (e.g., MiracleLinux/RHSA-RHSA-2020-...
CVE-2019-3003
CVE-2019-3003 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.16 and earlier. The vulnerability is exploitable remotely over multiple protocols by a high-privilege attacker, potentially causing a hang or crash (DoS) of MySQL Server. CVSS 3.0 Base Score is 4.9 (Availability impact)...
CVE-2020-14791
CVE-2020-14791 affects Oracle MySQL Server (InnoDB) with versions 8.0.21 and earlier. The vulnerability is exploitable over network via multiple protocols to high-privilege attackers and can cause partial denial of service on MySQL Server. Public documentation confirms the flaw and associated imp...
CVE-2022-21328
CVE-2022-21328 relates to Oracle MySQL Cluster. Connected CNVD entry describes an input validation error in Oracle MySQL Cluster, making the cluster vulnerable to an attacker who can execute arbitrary code via that flaw. Affected are MySQL Cluster components for versions 7.4.34 and prior, 7.5.24 ...
CVE-2022-21336
The CVE-2022-21336 entry corresponds to Oracle MySQL Cluster (Cluster: General). Affected releases include 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. The vulnerability is exploitable by a high-privilege attacker with access to the hardware’s physical commu...
CVE-2024-21015
CVE-2024-21015 affects Oracle MySQL Server (component: Server: DML). Influence: vulnerable on MySQL Server versions 8.0.34 and prior and 8.3.0 and prior; exploit can cause hang or crash (DoS) and unauthorized update/insert/delete to some data. Affected by network-accessible vectors; base score 5....
CVE-2020-2659
CVE-2020-2659 affects Oracle Java SE/SE Embedded (Networking) with vulnerable openjdk7/8 builds (7u241, 8u231; Embedded 8u231). The issue is a networking component flaw in DatagramChannelImpl that could let an unauthenticated attacker cause a partial denial of service over the network. Several co...
CVE-2020-14838
CVE-2020-14838 affects Oracle MySQL Server (Server: Security: Privileges) for MySQL 8.0.21 and earlier. The vulnerability allows a low-privileged, network-authenticated attacker to read a subset of MySQL Server data via multiple protocols due to the Privileges component exposure. CVSS 3.1 Base Sc...
CVE-2020-14860
Oracle MySQL CVE-2020-14860 affects MySQL Server 8.0.21 and earlier, specifically the Security: Roles component. The vulnerability could allow a high-privileged attacker with network access via multiple protocols to modify data (unauthorized update/insert/delete) in MySQL Server. Root cause and e...
CVE-2021-35546
The CVE-2021-35546 entry concerns Oracle MySQL Server (component: Server: Replication). Affected software: MySQL Server 8.0.26 and earlier. Description in sources indicates an easily exploitable vulnerability where a highly privileged attacker with network access via multiple protocols can cause ...
CVE-2021-35648
CVE-2021-35648 affects Oracle MySQL Server (Server: FTS) prior to 8.0.28-1, allowing a high-privileged attacker with network access to cause a denial-of-service (hang/crash) via the FTS path. Affected versions include 8.0.26 and earlier. Remediation noted in connected data: upgrade to 8.0.28-1 or...
CVE-2021-35596
CVE-2021-35596 affects Oracle MySQL Server (component: Server: Error Handling). Affected versions are 8.0.26 and earlier. The vulnerability can be triggered by a high‑privilege attacker with network access via multiple protocols, potentially causing the MySQL Server to hang or crash (DoS). Severa...
CVE-2019-2969
CVE-2019-2969 is a vulnerability in Oracle MySQL Server, specifically the client programs component. The connected sources indicate affected MySQL Server client-side code with versions 5.6.44 and earlier, 5.7.26 and earlier, and 8.0.16 and earlier. The issue is exploitable by an unauthenticated a...
CVE-2020-14597
CVE-2020-14597 affects Oracle MySQL Server, component Server: Optimizer, in 8.0.20 and earlier. A high-privilege attacker with network access via multiple protocols can exploit this to cause a hang or frequent crash (DoS) of MySQL Server. https://nvd.nist.gov shows CVSS 3.1 base score 4.9 (AV:N/A...
CVE-2020-14809
CVE-2020-14809 affects Oracle MySQL Server (Server: Optimizer). Affected versions are 8.0.21 and earlier. The issue allows a high-privileged attacker who can reach the server over multiple network protocols to cause a hang or frequent crash (DoS) in MySQL Server. The provided documents do not spe...
CVE-2021-3522
CVE-2021-3522 affects GStreamer before 1.18.4, where an out-of-bounds read may occur when handling certain ID3v2 tags. The issue is evidenced in multiple connected documents (e.g., Astra Linux advisory and Amazon Linux advisories) referencing an out-of-bounds read impacting availability. The conc...
CVE-2021-35591
Oracle MySQL Server (component: Server: DML) is affected in versions 8.0.26 and earlier. Root cause details are not explicitly provided in the documents, but multiple advisories indicate a high-privilege attacker with network access via multiple protocols could cause a hang or complete DoS of MyS...
CVE-2022-21340
CVE-2022-21340 concerns Oracle Java SE and GraalVM Enterprise Edition. The vulnerability affects Oracle Java SE components (Libraries) and GraalVM Enterprise Edition libraries listed as affected: Java SE 7u321, 8u311, 11.0.13, 17.0.1; GraalVM Enterprise Edition 20.3.4 and 21.3.0. The description ...
CVE-2022-21486
CVE-2022-21486 affects Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior, and 8.0.28 and prior. The vulnerability’s root cause allows a high-privileged attacker with access to the physical communication segment to compromise th...
CVE-2022-21443
CVE-2022-21443 is an Oracle Java SE/GraalVM EE vulnerability affecting the Libraries component. Affected: Oracle Java SE 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM EE 20.3.5, 21.3.1, 22.0.0.2. Exploitation is network-based and can lead to a partial denial of service, with unauthenticated a...
CVE-2023-22110
CVE-2023-22110 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.33 and earlier. Vulnerability allows a high-privilege, remote attacker to cause a hang or frequent, repeatable crashes (complete DOS) via network access across multiple protocols. Base score 4.9 (Availability impa...
CVE-2018-3058
The connected advisory entries substantiate CVE-2018-3058 as a real MySQL/MariaDB vulnerability affecting Oracle MySQL Server (MyISAM subcomponent) with affected 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior. The issue allows a low-privilege, network-access attacker via multiple protocols ...
CVE-2020-14836
CVE-2020-14836 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.21 and earlier. Vulnerability allows a low-privileged, network-access attacker (via multiple protocols) to cause the server to hang or crash (complete DoS) as described in the CVE entry. Some connected advisories ...
CVE-2022-21249
CVE-2022-21249 affects Oracle MySQL Server (Server: DDL) with affected versions up through 8.0.27 and earlier. The issue can be triggered by an attacker with network access via multiple protocols, potentially enabling a partial DoS on MySQL Server. The connected documents confirm affected package...
CVE-2022-21291
CVE-2022-21291 affects Oracle Java SE (Hotspot) and Oracle GraalVM Enterprise Edition. Affected versions include Oracle Java SE 7u321, 8u311, 11.0.13, 17.0.1 and GraalVM EE 20.3.4/21.3.0. It is exploitable over network via multiple protocols and can lead to unauthorized updates/deletes of data or...
CVE-2022-21331
The CVE-2022-21331 issue affects Oracle MySQL Cluster (Cluster: General) with affected versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability could allow an attacker with high privileges who has access to the hardware’s physical network segment to r...
CVE-2024-20963
CVE-2024-20963 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected are MySQL 8.0.35 and prior and 8.2.0 and prior. An attacker with network access and low privileges can exploit via multiple protocols to cause a hang or frequent crash (DoS). CVSS v3.1 base 6.5 (Avail. ...
CVE-2024-20965
CVE-2024-20965 affects Oracle MySQL Server (Server: Optimizer) on 8.0.35 and earlier and 8.2.0 and earlier. Affected component and underlying issue allow a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DOS). Mitigation: upgrade to a fixed version (e....
CVE-2021-35565
CVE-2021-35565 affects Java SE (JSSE) and OpenJDK components across Java releases (7u311, 8u301, 11.0.12) and Oracle GraalVM Enterprise Edition (20.3.3, 21.2.0). The issue arises in TLS handling via the HttpsServer, enabling an unauthenticated network attacker to cause a partial denial of service...
CVE-2019-2948
CVE-2019-2948 is a vulnerability in Oracle MySQL Server (component: Server: Optimizer). Affected versions are 5.7.26 and earlier, and 8.0.16 and earlier. It permits a high-privilege attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (DoS). The conne...
CVE-2020-14575
The CVE-2020-14575 entry concerns Oracle MySQL Server (Server: DML) affecting 8.0.20 and earlier. The vulnerability is exploitable remotely over multiple protocols by a high-privilege attacker and can cause a hang or frequent crash (DoS) of MySQL Server. The CVSS 3.1 base score is 4.9 (Availabili...
CVE-2022-21341
CVE-2022-21341 is an openly documented vulnerability affecting Oracle Java SE and Oracle GraalVM Enterprise Edition across multiple components (Serialization, JAXP, ImageIO, Hotspot, Libraries, 2D, etc.). Affected versions include Java SE 7u321, 8u311, 11.0.13, 17.0.1 and GraalVM EE 20.3.4/21.3.0...
CVE-2022-21454
CVE-2022-21454 affects the MySQL Server component Group Replication Plugin, with affected versions including MySQL 5.7.37 and earlier and 8.0.28 and earlier. A low-privilege attacker with network access via multiple protocols can cause the server to hang or crash (DoS). Remediation in the provide...
CVE-2020-14821
CVE-2020-14821 affects Oracle MySQL Server (InnoDB) and targets MySQL 8.0.21 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause a hang or complete DoS of MySQL Server. Public documents identify affected packages and note remediation through...
CVE-2022-21303
CVE-2022-21303 affects Oracle MySQL Server (component: Server: Stored Procedure). Affected versions are MySQL 5.7.36 and earlier and 8.0.27 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent crash (DoS) on the My...
CVE-2022-21478
CVE-2022-21478 affects Oracle MySQL’s MySQL Server, specifically the Server: Optimizer component. Affects 8.0.28 and earlier. An attacker with network access via multiple protocols and high privileges can cause the MySQL Server to hang or crash (complete DoS) and may gain unauthorized update/inse...
CVE-2018-3278
CVE-2018-3278 affects Oracle MySQL Server (component: Server: RBR). Affected versions: 5.6.41 and prior; 5.7.23 and prior; 8.0.12 and prior. An attacker with network access via multiple protocols and high privileges can, per the description, cause a hang or a frequently repeatable crash (DOS). Th...
CVE-2022-21265
CVE-2022-21265 affects Oracle MySQL Server (Server: Optimizer) on 8.0.27 and earlier. The vulnerability arises in the Optimizer component and can allow a high-privileged attacker with network access via multiple protocols to update/insert/delete data and cause partial denial of service. Remediati...
CVE-2022-21301
CVE-2022-21301 affects Oracle MySQL Server (Server: DML). Affected: MySQL 8.0.27 and earlier. Attackers with network access via multiple protocols could cause a hang or crash (DOS) and perform unauthorized data updates. Base impact: Availability and Integrity (CVSS 3.1 vector in sources). Remedia...
CVE-2022-21304
CVE-2022-21304 affects Oracle MySQL Server (Server: Parser). Affected versions: MySQL 5.7.36 and earlier; 8.0.27 and earlier. The vulnerability can be exploited by a privileged attacker with network access via multiple protocols to cause the server to hang or crash (partial/complete DoS) as descr...
CVE-2021-35597
CVE-2021-35597 affects the MySQL Client (C API) in Oracle MySQL. The description in the primary record notes affected versions 8.0.26 and earlier, with an attacker who has network access via multiple protocols able to cause a hang or crash (complete DoS) of the MySQL Client. Connected documents c...
CVE-2022-39410
CVE-2022-39410 affects Oracle MySQL Server (Server: Optimizer). The vulnerability is exploitable remotely over network protocols and can lead to a hang or frequent crash (DoS) of MySQL Server, affecting versions 8.0.30 and earlier. The issue is confirmed across multiple data sources describing a ...
CVE-2023-21940
CVE-2023-21940 is a MySQL Server vulnerability affecting the 8.0.32 and earlier series in the Server: Components Services area. The issue allows a high-privilege attacker with network access to cause a hang or a crash (DoS) via multiple protocols. Supported versions affected are 8.0.32 and prior....