756 matches found
CVE-2022-21537
CVE-2022-21537 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.29 and earlier. The vulnerability has a high-privilege remote attacker scenario over multiple network protocols, potentially causing a hang or repeated crashes (complete DOS). Some connected advisories note remediation...
CVE-2022-21414
CVE-2022-21414 affects Oracle MySQL Server, specifically the Server: Optimizer. Affected versions are 8.0.28 and earlier. An attacker with high privileges and network access via multiple protocols can cause the server to hang or crash (denial of service). The vulnerability is documented as a deni...
CVE-2023-22038
CVE-2023-22038 affects Oracle MySQL Server (Server: Security: Privileges) with affected versions 8.0.33 and earlier. A high-privileged attacker with network access via multiple protocols could authorize data updates/inserts/deletes. Root cause and impact stated as low to moderate integrity impact...
CVE-2018-2810
CVE-2018-2810 affects Oracle MySQL Server (InnoDB subcomponent). Affected are MySQL 5.7.21 and earlier. Attackers with network access via multiple protocols and high privileges can cause a hang or frequent crashes (DoS) of MySQL Server. CVSSv3 base score 4.9 (A: High, Availability impact). Remedi...
CVE-2022-21528
CVE-2022-21528 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.29 and earlier. An attacker with network access via multiple protocols and with HIGH privileges can cause a hang or a frequently repeatable crash (complete DOS) and may perform unauthorized updates/inse...
CVE-2023-22058
CVE-2023-22058 affects Oracle MySQL Server (Server: DDL) for versions 8.0.33 and earlier, allowing a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). The issue is documented with a CVSS base score of 4.4 (Availability). Remediation: upgrade to MyS...
CVE-2022-21538
CVE-2022-21538 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected: MySQL 8.0.29 and earlier. Attack: network access with low privileges can cause partial denial of service to MySQL Server. Impact: availability degradation (low). CVSS base score: 3.1 (LOW). Remediation...
CVE-2023-21946
CVE-2023-21946 affects Oracle MySQL Server, specifically the Server: Optimizer. Affected versions are 8.0.32 and earlier. The vulnerability can be exploited by a low-privilege attacker with network access via multiple protocols and can lead to a hang or frequently repeatable crash (complete DoS) ...
CVE-2022-21379
CVE-2022-21379 affects Oracle MySQL Server, specifically the Group Replication Plugin in MySQL 8.0.27 and earlier. The vulnerability allows a network-remote, high-privilege attacker to cause a hang or crash (DoS). Public materials note multiple distro advisories updating to newer MySQL 8.0.x vers...
CVE-2023-22057
CVE-2023-22057 affects Oracle MySQL Server, component Server: Replication, with affected versions 8.0.33 and prior. Multiple connected sources indicate this vulnerability can allow a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (com...
CVE-2018-2818
CVE-2018-2818 affects Oracle MySQL Server components (Server: Privileges) and is triggered by a high-privilege user over network protocols, potentially causing a hang or crash (DoS) on vulnerable MySQL Server versions 5.5.59 and earlier, 5.6.39 and earlier, or 5.7.21 and earlier. The connected ad...
CVE-2021-26118
The CVE-2021-26118 issue affects Apache ActiveMQ Artemis 2.15.0, where the OpenWire protocol head can produce advisory messages outside policy-based access control for the entire session, bypassing session-wide ACL protection. The root cause is improper access control enforcement during advisory ...
CVE-2022-21415
CVE-2022-21415 affects Oracle MySQL Server, component Server: Replication. Affected: MySQL 8.0.28 and prior. Description: a high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (complete DOS). Connected advisories indicate broader MySQL su...
CVE-2022-21527
CVE-2022-21527 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.29 and earlier. Summary: A high-privilege attacker who can reach the server over network protocols can trigger a hang or crash (DO S) and may perform unauthorized update/insert/delete on some data. The vulnerabili...
CVE-2022-21531
CVE-2022-21531 affects Oracle MySQL Server, component Server: Optimizer , with affected versions 8.0.29 and earlier. An attacker with network access via multiple protocols and requiring HIGH privileges can cause a hang or a frequent, repeatable crash (DoS) of MySQL Server. CVSS v3.1 base score 4....
CVE-2020-10727
CVE-2020-10727 affects ActiveMQ Artemis management API from version 2.7.0 up to 2.12.0. The root cause is that during the resetUsers operation, passwords are stored in plaintext in the Artemis shadow file (etc/artemis-users.properties), enabling a local attacker to read the shadow file contents. ...
CVE-2022-21525
CVE-2022-21525 affects Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.29 and earlier. The vulnerability enables a high-privilege attacker who can reach the server over the network via multiple protocols to cause a hang or a nearly-repeated crash (DOS). The CVSS v3.1...
CVE-2022-21547
CVE-2022-21547 concerns a vulnerability in the Oracle MySQL Server, specifically the Server: Federated component. The affected product is MySQL Server (Oracle MySQL) with affected versions listed as 8.0.29 and prior . The vulnerability is described as easily exploitable by a high-privilege attack...
CVE-2022-21526
CVE-2022-21526 (Oracle MySQL Server, component: Server: Optimizer) affects MySQL Server versions 8.0.29 and earlier. The vulnerability allows a high-privilege, network-accessible attacker to cause a hang or frequent/complete denial of service (A: H) via multiple protocols. The issue is documented...
CVE-2022-21529
CVE-2022-21529 affects Oracle MySQL Server, component Server: Optimizer. Affected versions are 8.0.29 and earlier. The vulnerability is described as easily exploitable over the network via multiple protocols and can lead to a hang or repeated crash (complete DoS). Multiple connected sources corro...
CVE-2019-2924
CVE-2019-2924 is a vulnerability in the MySQL Server product (Oracle MySQL), specifically under Server: Security: Encryption. Affected versions are 5.6.45 and earlier and 5.7.27 and earlier. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read da...
CVE-2020-4051
The CVE-2020-4051 entry affects the Dijit Editor’s LinkDialog plugin, with cross-site scripting vulnerability present in Dijit releases prior to the fixed versions. Documented affected ranges include Dijit 1.11.x through 1.16.x, with fixes implemented in 1.11.11, 1.12.9, 1.13.8, 1.14.7, 1.15.4, a...
CVE-2022-21530
CVE-2022-21530 affects Oracle MySQL Server (Server: Optimizer) and is applicable to MySQL 8.0.29 and prior. The description states that a high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (complete DOS). The CVSS 3.1 base score is 4.9 (...
CVE-2022-21556
CVE-2022-21556 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.28 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause unauthorized creation, deletion, or modification of data and to...
CVE-2023-22046
CVE-2023-22046 affects Oracle MySQL Server, Server: Optimizer. Affected versions are 8.0.33 and earlier. An attacker with high privileges and network access could cause a hang or crash (DOS) in MySQL Server. The vulnerability is tied to the Optimizer component. Remediation noted in public advisor...
CVE-2023-22008
CVE-2023-22008 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.33 and earlier. An attacker with network access through multiple protocols and high privileges can cause a hang or frequent crash (DoS) of MySQL Server (CVSS 4.9, AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Connected sourc...
CVE-2018-3071
CVE-2018-3071 affects the MySQL Server Audit Log component in Oracle MySQL, with vulnerable versions up to 5.7.22 (and earlier). The exposed impact per the sources is a high-privilege attacker with network access via multiple protocols can cause a denial of service, resulting in a hang or frequen...
CVE-2023-22054
CVE-2023-22054 affects MySQL Server (Oracle MySQL), specifically the Server: Optimizer component. Affected products/versions: MySQL 8.0.33 and earlier. Root cause: unspecified in primary CVE entry, but the IBM Security Guardium bulletin and MySQL advisories describe a high-privilege, network-acce...
CVE-2018-2846
CVE-2018-2846 affects Oracle MySQL Server, specifically the Server: Performance Schema. Affected versions are 5.7.21 and earlier. An attacker with high privileges and network access via multiple protocols can cause the MySQL Server to hang or crash (availability impact). The vulnerability is expl...
CVE-2023-22056
CVE-2023-22056 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.33 and prior. An attacker with network access via multiple protocols and high privileges can cause a hang or frequent crash (DoS) of MySQL Server. Remediation guidance in connected ...
CVE-2018-2777
CVE-2018-2777 : A vulnerability in Oracle MySQL Server (InnoDB) affecting 5.7.21 and earlier. It allows a high-privilege attacker with network access to cause a hang or frequent crashes (DoS) via multiple protocols. The issue is confirmed in multiple sources; exploitation status is not detailed i...
CVE-2018-3061
CVE-2018-3061 is a vulnerability in Oracle MySQL (MySQL Server: DML). Public sources in the Fedora update FEDORA-2018-f67fda3db6 show that MySQL 5.7.23 fixes this issue; prior 5.7.x versions are affected. The Red Hat RHSA-2018-3655/Nessus listing confirms a DML-related vulnerability in MySQL that...
CVE-2018-2759
CVE-2018-2759 affects the MySQL Server component (InnoDB). Affected are Oracle MySQL 5.7.x with 5.7.21 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server (CVSS 3.0 shows A=High, Availab...
CVE-2019-2922
CVE-2019-2922 affects Oracle MySQL Server (Server: Security: Encryption) with affected versions 5.6.45 and earlier and 5.7.27 and earlier. The vulnerability is exploitable over the network by unauthenticated attackers via multiple protocols and can lead to unauthorized read access to a subset of ...
CVE-2017-10365
CVE-2017-10365 concerns a vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). The affected versions are 5.7.18 and earlier. An attacker with network access via multiple protocols and with high privileges can potentially compromise MySQL Server, leading to unauthori...
CVE-2018-2839
CVE-2018-2839 affects Oracle MySQL Server (Server: DML). Affected: MySQL 5.7.21 and earlier. Exploitable over network with high privileges via multiple protocols, potentially causing the server to hang or crash (DoS). The documents confirm the impact and affected versions, but do not provide a sp...
CVE-2017-10286
CVE-2017-10286 affects the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). The F5 advisory confirms the vulnerability is exploitable over the network by a high-privileged attacker with access via multiple protocols, and can cause a hang or crash (complete DOS). Affected versions in...
CVE-2018-2816
CVE-2018-2816 affects Oracle MySQL Server (subcomponent: Server: Optimizer). Affected versions: 5.7.21 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or crash (denial of service). The description indicates remediation guidance via Oracle C...
CVE-2019-2910
CVE-2019-2910 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected versions include 5.6.45 and prior and 5.7.27 and prior. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read a subset of MySQL Server data due to issues...
CVE-2018-2812
CVE-2018-2812 affects Oracle MySQL Server (subcomponent Server: Optimizer). Affected: MySQL 5.7.21 and earlier. Impact: high privileged attacker with network access can cause a hang/complete DOS and may update/insert/delete data in affected data. Root cause: issues in the Server: Optimizer path a...
CVE-2017-10320
CVE-2017-10320 affects the MySQL Server component (InnoDB) of Oracle MySQL. Affected versions are 5.7.19 and earlier. An attacker with network access via multiple protocols can exploit this to cause a hang or a crash (DOS) of MySQL Server. The CVSS v3 base score is 4.9 (Availability impact). Reme...
CVE-2022-21550
CVE-2022-21550 affects Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior, and 8.0.29 and prior. Exploitation requires high-privilege access via the physical communication segment and user interaction; outcomes can include takeo...
CVE-2022-21380
CVE-2022-21380 concerns Oracle MySQL products. Connected documents identify a variant affecting MySQL Server 8.0.29 and earlier, caused by insufficient input validation in the Server: Optimizer component (and related InnoDB behavior in some entries). This can permit a high-privileged attacker wit...
CVE-2022-21519
CVE-2022-21519 : Oracle MySQL Cluster (component: Cluster: General) is affected for versions 8.0.29 and earlier. An unauthenticated attacker with network access via multiple protocols can cause a hang or frequent crash (complete DOS). CVSS v3.1 base score 5.9 (Availability, HIGH). References and ...
CVE-2020-2790
CVE-2020-2790 affects Oracle MySQL Server (Server: Pluggable Auth). The connected Nessus entries confirm: vulnerable in MySQL 5.7.28 and earlier, with exploitation possible by a low-privilege attacker over the network via multiple protocols. The impact stated in multiple sources is a complete DoS...
CVE-2019-2923
CVE-2019-2923 affects Oracle MySQL Server (MySQL) in the Server: Encryption area. Connected documents confirm affected versions: 5.6.45 and earlier, and 5.7.27 and earlier. The vulnerability is exploitable over the network by an unauthenticated attacker and can lead to unauthorized read access to...
CVE-2020-2806
CVE-2020-2806 affects Oracle MySQL Server (Server: Compiling) with affected versions 5.7.28 and earlier. The vulnerability can be exploited by a low-privileged, network-accessible attacker over multiple protocols to cause a hang or repeated crash (Denial of Service). CVSS v3 base score 5.3 (Avail...
CVE-2024-21101
CVE-2024-21101 affects Oracle MySQL Cluster (Cluster: General) across multiple releases: 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior, and 8.3.0 and prior. The vulnerability allows a high-privileged attacker with network access via multiple protocols to obtain unauthorized read access to ...
CVE-2021-35621
CVE-2021-35621 affects Oracle MySQL Cluster (Cluster: General). Affected: MySQL Cluster releases 7.4.33 and earlier, 7.5.23 and earlier, 7.6.19 and earlier, 8.0.26 and earlier. Root cause: a vulnerability in the Cluster: General component could let a highly privileged attacker, with access to the...