743 matches found
CVE-2022-21527
CVE-2022-21527 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.29 and earlier. Summary: A high-privilege attacker who can reach the server over network protocols can trigger a hang or crash (DO S) and may perform unauthorized update/insert/delete on some data. The vulnerabili...
CVE-2022-21531
CVE-2022-21531 affects Oracle MySQL Server, component Server: Optimizer , with affected versions 8.0.29 and earlier. An attacker with network access via multiple protocols and requiring HIGH privileges can cause a hang or a frequent, repeatable crash (DoS) of MySQL Server. CVSS v3.1 base score 4....
CVE-2020-10727
CVE-2020-10727 affects ActiveMQ Artemis management API from version 2.7.0 up to 2.12.0. The root cause is that during the resetUsers operation, passwords are stored in plaintext in the Artemis shadow file (etc/artemis-users.properties), enabling a local attacker to read the shadow file contents. ...
CVE-2022-21525
CVE-2022-21525 affects Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.29 and earlier. The vulnerability enables a high-privilege attacker who can reach the server over the network via multiple protocols to cause a hang or a nearly-repeated crash (DOS). The CVSS v3.1...
CVE-2022-21415
CVE-2022-21415 affects Oracle MySQL Server, component Server: Replication. Affected: MySQL 8.0.28 and prior. Description: a high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (complete DOS). Connected advisories indicate broader MySQL su...
CVE-2022-21526
CVE-2022-21526 (Oracle MySQL Server, component: Server: Optimizer) affects MySQL Server versions 8.0.29 and earlier. The vulnerability allows a high-privilege, network-accessible attacker to cause a hang or frequent/complete denial of service (A: H) via multiple protocols. The issue is documented...
CVE-2022-21529
CVE-2022-21529 affects Oracle MySQL Server, component Server: Optimizer. Affected versions are 8.0.29 and earlier. The vulnerability is described as easily exploitable over the network via multiple protocols and can lead to a hang or repeated crash (complete DoS). Multiple connected sources corro...
CVE-2022-21547
CVE-2022-21547 concerns a vulnerability in the Oracle MySQL Server, specifically the Server: Federated component. The affected product is MySQL Server (Oracle MySQL) with affected versions listed as 8.0.29 and prior . The vulnerability is described as easily exploitable by a high-privilege attack...
CVE-2019-2924
CVE-2019-2924 is a vulnerability in the MySQL Server product (Oracle MySQL), specifically under Server: Security: Encryption. Affected versions are 5.6.45 and earlier and 5.7.27 and earlier. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read da...
CVE-2020-4051
The CVE-2020-4051 entry affects the Dijit Editor’s LinkDialog plugin, with cross-site scripting vulnerability present in Dijit releases prior to the fixed versions. Documented affected ranges include Dijit 1.11.x through 1.16.x, with fixes implemented in 1.11.11, 1.12.9, 1.13.8, 1.14.7, 1.15.4, a...
CVE-2022-21530
CVE-2022-21530 affects Oracle MySQL Server (Server: Optimizer) and is applicable to MySQL 8.0.29 and prior. The description states that a high-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or crash (complete DOS). The CVSS 3.1 base score is 4.9 (...
CVE-2022-21556
CVE-2022-21556 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.28 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause unauthorized creation, deletion, or modification of data and to...
CVE-2023-22046
CVE-2023-22046 affects Oracle MySQL Server, Server: Optimizer. Affected versions are 8.0.33 and earlier. An attacker with high privileges and network access could cause a hang or crash (DOS) in MySQL Server. The vulnerability is tied to the Optimizer component. Remediation noted in public advisor...
CVE-2023-22008
CVE-2023-22008 affects Oracle MySQL Server (InnoDB) with vulnerable versions 8.0.33 and earlier. An attacker with network access through multiple protocols and high privileges can cause a hang or frequent crash (DoS) of MySQL Server (CVSS 4.9, AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Connected sourc...
CVE-2018-3071
CVE-2018-3071 affects the MySQL Server Audit Log component in Oracle MySQL, with vulnerable versions up to 5.7.22 (and earlier). The exposed impact per the sources is a high-privilege attacker with network access via multiple protocols can cause a denial of service, resulting in a hang or frequen...
CVE-2018-2846
CVE-2018-2846 affects Oracle MySQL Server, specifically the Server: Performance Schema. Affected versions are 5.7.21 and earlier. An attacker with high privileges and network access via multiple protocols can cause the MySQL Server to hang or crash (availability impact). The vulnerability is expl...
CVE-2023-22054
CVE-2023-22054 affects MySQL Server (Oracle MySQL), specifically the Server: Optimizer component. Affected products/versions: MySQL 8.0.33 and earlier. Root cause: unspecified in primary CVE entry, but the IBM Security Guardium bulletin and MySQL advisories describe a high-privilege, network-acce...
CVE-2023-22056
CVE-2023-22056 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.33 and prior. An attacker with network access via multiple protocols and high privileges can cause a hang or frequent crash (DoS) of MySQL Server. Remediation guidance in connected ...
CVE-2018-2777
CVE-2018-2777 : A vulnerability in Oracle MySQL Server (InnoDB) affecting 5.7.21 and earlier. It allows a high-privilege attacker with network access to cause a hang or frequent crashes (DoS) via multiple protocols. The issue is confirmed in multiple sources; exploitation status is not detailed i...
CVE-2018-3061
CVE-2018-3061 is a vulnerability in Oracle MySQL (MySQL Server: DML). Public sources in the Fedora update FEDORA-2018-f67fda3db6 show that MySQL 5.7.23 fixes this issue; prior 5.7.x versions are affected. The Red Hat RHSA-2018-3655/Nessus listing confirms a DML-related vulnerability in MySQL that...
CVE-2018-2759
CVE-2018-2759 affects the MySQL Server component (InnoDB). Affected are Oracle MySQL 5.7.x with 5.7.21 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (complete DOS) of MySQL Server (CVSS 3.0 shows A=High, Availab...
CVE-2019-2922
CVE-2019-2922 affects Oracle MySQL Server (Server: Security: Encryption) with affected versions 5.6.45 and earlier and 5.7.27 and earlier. The vulnerability is exploitable over the network by unauthenticated attackers via multiple protocols and can lead to unauthorized read access to a subset of ...
CVE-2017-10365
CVE-2017-10365 concerns a vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). The affected versions are 5.7.18 and earlier. An attacker with network access via multiple protocols and with high privileges can potentially compromise MySQL Server, leading to unauthori...
CVE-2018-2839
CVE-2018-2839 affects Oracle MySQL Server (Server: DML). Affected: MySQL 5.7.21 and earlier. Exploitable over network with high privileges via multiple protocols, potentially causing the server to hang or crash (DoS). The documents confirm the impact and affected versions, but do not provide a sp...
CVE-2017-10286
CVE-2017-10286 affects the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). The F5 advisory confirms the vulnerability is exploitable over the network by a high-privileged attacker with access via multiple protocols, and can cause a hang or crash (complete DOS). Affected versions in...
CVE-2018-2816
CVE-2018-2816 affects Oracle MySQL Server (subcomponent: Server: Optimizer). Affected versions: 5.7.21 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or crash (denial of service). The description indicates remediation guidance via Oracle C...
CVE-2019-2910
CVE-2019-2910 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected versions include 5.6.45 and prior and 5.7.27 and prior. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to read a subset of MySQL Server data due to issues...
CVE-2018-2812
CVE-2018-2812 affects Oracle MySQL Server (subcomponent Server: Optimizer). Affected: MySQL 5.7.21 and earlier. Impact: high privileged attacker with network access can cause a hang/complete DOS and may update/insert/delete data in affected data. Root cause: issues in the Server: Optimizer path a...
CVE-2017-10320
CVE-2017-10320 affects the MySQL Server component (InnoDB) of Oracle MySQL. Affected versions are 5.7.19 and earlier. An attacker with network access via multiple protocols can exploit this to cause a hang or a crash (DOS) of MySQL Server. The CVSS v3 base score is 4.9 (Availability impact). Reme...
CVE-2022-21550
CVE-2022-21550 affects Oracle MySQL Cluster (Cluster: General). Affected versions include 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior, and 8.0.29 and prior. Exploitation requires high-privilege access via the physical communication segment and user interaction; outcomes can include takeo...
CVE-2022-21380
CVE-2022-21380 concerns Oracle MySQL products. Connected documents identify a variant affecting MySQL Server 8.0.29 and earlier, caused by insufficient input validation in the Server: Optimizer component (and related InnoDB behavior in some entries). This can permit a high-privileged attacker wit...
CVE-2022-21519
CVE-2022-21519 : Oracle MySQL Cluster (component: Cluster: General) is affected for versions 8.0.29 and earlier. An unauthenticated attacker with network access via multiple protocols can cause a hang or frequent crash (complete DOS). CVSS v3.1 base score 5.9 (Availability, HIGH). References and ...
CVE-2020-2790
CVE-2020-2790 affects Oracle MySQL Server (Server: Pluggable Auth). The connected Nessus entries confirm: vulnerable in MySQL 5.7.28 and earlier, with exploitation possible by a low-privilege attacker over the network via multiple protocols. The impact stated in multiple sources is a complete DoS...
CVE-2019-2923
CVE-2019-2923 affects Oracle MySQL Server (MySQL) in the Server: Encryption area. Connected documents confirm affected versions: 5.6.45 and earlier, and 5.7.27 and earlier. The vulnerability is exploitable over the network by an unauthenticated attacker and can lead to unauthorized read access to...
CVE-2020-2806
CVE-2020-2806 affects Oracle MySQL Server (Server: Compiling) with affected versions 5.7.28 and earlier. The vulnerability can be exploited by a low-privileged, network-accessible attacker over multiple protocols to cause a hang or repeated crash (Denial of Service). CVSS v3 base score 5.3 (Avail...
CVE-2024-21101
CVE-2024-21101 affects Oracle MySQL Cluster (Cluster: General) across multiple releases: 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior, and 8.3.0 and prior. The vulnerability allows a high-privileged attacker with network access via multiple protocols to obtain unauthorized read access to ...
CVE-2021-35621
CVE-2021-35621 affects Oracle MySQL Cluster (Cluster: General). Affected: MySQL Cluster releases 7.4.33 and earlier, 7.5.23 and earlier, 7.6.19 and earlier, 8.0.26 and earlier. Root cause: a vulnerability in the Cluster: General component could let a highly privileged attacker, with access to the...
CVE-2020-14853
CVE-2020-14853 (MySQL Cluster, NDBCluster Plugin) is confirmed in multiple connected sources as a vulnerability affecting Oracle MySQL’s MySQL Cluster with affected versions 8.0.21 and earlier. The flaw can be exploited by a low-privilege, network-accessible attacker via multiple protocols. Succe...
CVE-2019-5503
CVE-2019-5503 concerns NetApp OnCommand Workflow Automation. The affected product versions “prior to 5.0” allegedly shipped without certain HTTP security headers, potentially enabling information disclosure via unspecified vectors. The Red Hat/Lenovo entries confirm the same CVE description and r...
CVE-2021-35618
CVE-2021-35618 affects Oracle MySQL Cluster (Cluster: General) with affected versions 8.0.26 and earlier. The vulnerability in the Cluster General component can permit a highly privileged attacker with physical access to the hardware communication segment to cause partial DoS on MySQL Cluster; ex...
CVE-2025-21492
CVE-2025-21492 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.36 and prior, and 8.4.0. Description: vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or frequent, repeatable crash (complete DoS) of MySQL Serv...
CVE-2015-3292
NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 installs the Java Debug Wire Protocol (JDWP) service via the installer, enabling remote code execution by an attacker through unspecified vectors. This vulnerability is corroborated across multiple sources (NVD entry CVE-201...
CVE-2016-1894
CVE-2016-1894 affects NetApp OnCommand Workflow Automation prior to version 3.1P2. The vulnerability is an authentication bypass that enables remote attackers to bypass authentication via unspecified vectors. The issue is documented across multiple sources (NVD entries and vendor/CNVD references)...