743 matches found
CVE-2022-21619
CVE-2022-21619 affects Oracle Java SE (Security) and Oracle GraalVM Enterprise Edition. Affected Java SE versions: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; GraalVM Enterprise Edition: 20.3.7, 21.3.3, 22.2.0. The vulnerability allows unauthenticated network access to compromise affected product...
CVE-2020-2803
CVE-2020-2803 affects OpenJDK (Libraries component, Java SE/OpenJDK). The connected document confirms a vulnerability in boundary checks of java.nio buffer classes that allows an untrusted Java applet/application to bypass Java sandbox restrictions. Affected versions align with the original descr...
CVE-2021-22946
CVE-2021-22946 affects curl before 7.82.0 (and within 7.20.0–7.78.0 per description) where the --ssl-reqd option or CURLUSESSL controls could be bypassed if a server crafts a legitimate response, allowing curl to continue without TLS. Connected sources confirm this flaw exists across multiple eco...
CVE-2018-11212
CVE-2018-11212 affects libjpeg/libjpeg-turbo: the alloc_sarray function in jmemmgr.c allows a remote attacker to cause a denial of service via a crafted file due to a divide-by-zero error. Public advisories (e.g., ALAS2-2019-1198, ALAS-2019-1286, AL2/ALSA-centos/CESA-2019:2052, Debian DLA-1638-1)...
CVE-2020-2590
CVE-2020-2590 is an OpenJDK/Oracle Java SE vulnerability in the Security component (Kerberos interop) affecting Java SE and Java SE Embedded across multiple versions. Public descriptions indicate unauthenticated remote access via network and potential unauthorized data updates/deletes; CVSS 3.0 b...
CVE-2021-2002
CVE-2021-2002 affects the MySQL Server, specifically the replication server component. Affected are 8.0.22 and earlier. The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause a hang or a frequently repeatable crash (DoS) of MySQL Serve...
CVE-2020-2804
CVE-2020-2804 affects Oracle MySQL Server, component Server: Memcached . Affected versions include 5.6.47 and earlier, 5.7.29 and earlier, and 8.0.19 and earlier. The vulnerability allows an unauthenticated attacker with network access via multiple protocols to cause a hang or crash (complete DOS...
CVE-2021-2226
CVE-2021-2226 affects Oracle MySQL Server (Server: Information Schema). Affected: MySQL 5.7.33 and older, 8.0.23 and older. Description in the provided docs notes an easily exploitable issue that could allow a high-privileged attacker with network access via multiple protocols to compromise data ...
CVE-2021-2171
CVE-2021-2171 affects Oracle MySQL Server (Server: Replication). Affected versions: MySQL 5.7.33 and earlier and 8.0.23 and earlier. The flaw allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DoS). The connected advisories indi...
CVE-2019-17531
CVE-2019-17531 affects FasterXML jackson-databind 2.0.0–2.9.10; when Default Typing is enabled for an externally exposed JSON endpoint and apache-log4j-extra 1.2.x is on the classpath, an attacker capable of providing a JNDI service can trigger remote code execution. Connected documents corrobora...
CVE-2020-14775
CVE-2020-14775 affects Oracle MySQL Server InnoDB. Affects MySQL Server versions 5.7.31 and earlier and 8.0.21 and earlier; exploitation can cause the server to hang or crash (DoS) via network access across multiple protocols. Remediation in public advisories includes upgrading to fixed releases:...
CVE-2020-14576
CVE-2020-14576 affects Oracle MySQL Server (component: Server: UDF). Affected versions are MySQL 5.7.30 and earlier, and 8.0.20 and earlier. The vulnerability enables a low-privilege, network-access attacker to cause a hang or frequent crashes (complete DoS) via multiple protocols. The CVSS3.1 ba...
CVE-2021-2020
CVE-2021-2020 concerns Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.20 and prior. The vulnerability can be exploited by a low-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash, resulting in a complete denial of service. ...
CVE-2021-2042
CVE-2021-2042 affects the MySQL Server component InnoDB in Oracle MySQL. Affected versions are 8.0.21 and earlier. The vulnerability is exploitable by a high-privilege attacker who has local access to the MySQL server, enabling unauthorized read access to a subset of MySQL data. The CVSS 3.1 Base...
CVE-2021-2230
CVE-2021-2230 affects the Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.23 and earlier . The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or crash in MySQL Server, i.e., a DoS ...
CVE-2021-35561
CVE-2021-35561 affects Oracle Java SE/GraalVM Enterprise Edition across multiple components (e.g., Utility, Swing, ImageIO, Keytool, JSSE) with affected Java SE versions 7u311, 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. The vulnerability allows unauthenticated network access to cause partia...
CVE-2024-21085
CVE-2024-21085 is described across multiple sources as a low-severity issue affecting Oracle Java SE and GraalVM/OpenJDK components. Affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13, 21.3.9 (plus related OpenJDK/OpenJDK11 advisories). The vulnera...
CVE-2021-2030
CVE-2021-2030 affects Oracle MySQL Server (component: Server: Optimizer). Affected are MySQL Server versions 8.0.21 and earlier. A remote, high-privilege attacker with network access via multiple protocols can cause a hang or complete DoS of MySQL Server. Oracle has released updates to fix these ...
CVE-2021-2340
CVE-2021-2340 affects Oracle MySQL Server, specifically the Memcached component, with vulnerable versions 8.0.25 and earlier. The issue can be exploited over the network via multiple protocols and may allow a high-privilege attacker to cause a partial denial of service on MySQL Server. Affected e...
CVE-2020-2757
CVE-2020-2757 affects Oracle Java SE/SE Embedded (Serialization). Vulnerable: Java SE: 7u251, 8u241, 11.0.6, 14; SE Embedded: 8u241. Impact: unauthenticated network access leading to partial DoS on Java SE/SE Embedded. Root cause: serialization-related handling in the affected component; sandboxe...
CVE-2021-2065
CVE-2021-2065 affects Oracle MySQL Server (component: Server: Optimizer). Affected: MySQL 8.0.22 and earlier. Attack requires high privileges and network access; an attacker can cause a hang or crash (complete DoS) in MySQL Server. Remediation: upgrade to a patched release (e.g., MySQL 8.0.26 or ...
CVE-2021-35603
CVE-2021-35603 is a TLS-related vulnerability in the JSSE component of Java SE and GraalVM Enterprise Edition. Affected: Java SE 7u311, 8u301, 11.0.12, 17; GraalVM EE 20.3.3 and 21.2.0. Description indicates an unauthenticated network attacker could read data from vulnerable Java deployments (e.g...
CVE-2019-2946
CVE-2019-2946 is a vulnerability in Oracle MySQL Server (component: Server: PS) affecting MySQL 5.7.27 and earlier and 8.0.17 and earlier. An attacker with network access and low privileges could cause a hang or crash (DoS) via multiple protocols. Public notices across advisories confirm affected...
CVE-2020-14697
CVE-2020-14697 affects Oracle MySQL MySQL Server (Server: Security: Privileges). Affected versions are 8.0.20 and earlier. The vulnerability is described as easily exploitable with network access via multiple protocols, allowing a high-privilege attacker to take over MySQL Server. Public referenc...
CVE-2020-2830
CVE-2020-2830 affects Oracle Java SE/Java SE Embedded (Concurrency component) with Java SE versions 7u251, 8u241, 11.0.6 and 14; Java SE Embedded 8u241. The vulnerability allows unauthenticated network-based exploitation via multiple protocols, potentially enabling partial denial of service on Ja...
CVE-2020-8174
CVE-2020-8174 is a Node.js vulnerability where napi_get_value_string_*() can trigger memory corruption in affected releases. Affected are Node.js runtimes prior to 10.21.0, 12.18.0, and prior to 14.4.0. Documented mitigations/include patches update Node.js to 10.21.0, 12.18.2, and 14.4.0 respecti...
CVE-2021-2122
CVE-2021-2122 affects Oracle MySQL Server (Server: DDL). Affected: MySQL 8.0.22 and earlier. Description in the CVE notes an easily exploitable vulnerability that, with network access via multiple protocols and a high-privilege attacker, can cause the MySQL Server to hang or crash (DoS). Connecte...
CVE-2019-2911
CVE-2019-2911 affects Oracle MySQL Server (Information Schema) and multiple affected versions (5.6.45 and prior; 5.7.27 and prior; 8.0.17 and prior). The vulnerability enables a high-privileged, network-accessible attacker via multiple protocols to read a subset of MySQL Server data. The initial ...
CVE-2021-35578
CVE-2021-35578 affects Java SE (JSSE) and Oracle GraalVM Enterprise Edition; vulnerable are Java SE 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. Attack requires network access via TLS to targeted APIs, with unauthenticated access and no user interaction, potentially enabling a partial denial ...
CVE-2020-2800
CVE-2020-2800 affects Oracle Java SE/Java SE Embedded, specifically the Lightweight HTTP Server component. Affected versions include Java SE 7u251, 8u241, 11.0.6, 14 and Java SE Embedded 8u241. The vulnerability can be exploited over a network with unauthenticated access via multiple protocols, p...
CVE-2021-2174
Summary: CVE-2021-2174 αφορά la base de datos Oracle MySQL, específicamente la seguridad de InnoDB en MySQL Server. Afecta versiones 5.7.33 y anteriores y 8.0.23 y anteriores. El fallo, descrito en varias fuentes, permite a un atacante con alto nivel de privilegios y acceso en red a través de múl...
CVE-2021-35588
CVE-2021-35588 is a vulnerability in Oracle Java SE and GraalVM Enterprise Edition (Hotspot component) affecting Java SE 7u311 and 8u301 and GraalVM Enterprise Edition 20.3.3/21.2.0. The issue allows an unauthenticated, network-accessible attacker to exploit multiple protocols after user interact...
CVE-2020-14567
CVE-2020-14567 affects MySQL Server (Replication) and can be exploited over the network by a high-privilege attacker to cause a complete DoS via hangs/crashes. Public sources in connected docs confirm the issue across multiple distributions and indicate patches exist; applying vendor advisories/u...
CVE-2020-2763
CVE-2020-2763 affects Oracle MySQL Server (Server: Replication). Affected: 5.6.47 and earlier, 5.7.29 and earlier, 8.0.19 and earlier. Exploitation via network by a high-privilege attacker can cause a hang or crash (DoS). CVSS v3.0 base 4.9 (AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). The CVE entry not...
CVE-2020-2773
CVE-2020-2773 is a vulnerability in Oracle Java SE and Java SE Embedded (component: Security) that can be exploited remotely by unauthenticated attackers to cause a partial denial of service on affected Java runtimes. Affected versions include Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedde...
CVE-2021-1998
CVE-2021-1998 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.20 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to compromise MySQL Server, potentially allowing unauthorized update/in...
CVE-2021-2232
CVE-2021-2232 affects Oracle MySQL Server, specifically the Server: Group Replication Plugin . Affected are MySQL 8.0.23 and earlier . The initial sources describe a vulnerability that, when exploited by a high-privileged attacker with local access to the MySQL server host, can lead to a partial ...
CVE-2021-2372
CVE-2021-2372 affects Oracle MySQL Server (InnoDB) with vulnerable versions 5.7.34 and earlier and 8.0.25 and earlier. The flaw allows a high-privilege attacker with network access to cause a hang or frequent crash (DoS) of MySQL Server; CVSS 3.1 base score 4.4 (Availability). Connected documents...
CVE-2024-21140
CVE-2024-21140 affects Oracle Java SE and Oracle GraalVM products (Hotspot, 2D, Networking, Serialization, Concurrency). Affects multiple supported Java runtimes (e.g., Java SE 8u411/11.0.23/17.0.11/22.0.1; GraalVM JDK 17.0.11/21.0.3/22.0.1; GraalVM EE 20.3.14/21.3.10). Described as remotely expl...
CVE-2019-2434
CVE-2019-2434 affects the Oracle MySQL Server component (subcomponent: Server: Parser). Affected versions include 5.7.24 and earlier and 8.0.13 and earlier. It is exploitable over the network by a low-privileged attacker and can cause a hang or a crash (availability impact) in MySQL Server. The C...
CVE-2021-2146
The CVE-2021-2146 entry describes a vulnerability in Oracle MySQL Server (component: Server: Options) affecting MySQL 5.7.33 and earlier and 8.0.23 and earlier. It allows a high‑privileged attacker with network access via multiple protocols to cause the server to hang or crash (DoS). Public advis...
CVE-2021-2293
CVE-2021-2293 affects Oracle MySQL Server (Server: Stored Procedure). Affected versions: 8.0.23 and earlier. Exploitation is possible by a high-privilege attacker with network access via multiple protocols, potentially causing a hang or crash (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Avail...
CVE-2020-14672
The CVE-2020-14672 issue affects Oracle MySQL Server (Server: Stored Procedure) and impacts MySQL Server versions 5.6.49 and earlier, 5.7.31 and earlier, and 8.0.21 and earlier. It can be triggered by a network-accessible attacker to cause a hang or a frequent crash (DoS). The vulnerability arise...
CVE-2022-21278
CVE-2022-21278 affects Oracle MySQL Server (Server: Optimizer). Public sources in connected documents describe a vulnerability due to improper input validation in the Server: Optimizer. Affected versions are 8.0.26 and earlier. Successful exploitation via network from a low-privilege, unauthentic...
CVE-2019-2539
In the provided connected documents, CVE-2019-2539 is described as a vulnerability in the MySQL Server component (subcomponent: Server: Connection). Affected versions are 8.0.13 and prior. The flaw can be exploited by a highly privileged attacker with network access via multiple protocols to caus...
CVE-2020-14593
CVE-2020-14593 is a vulnerability in the 2D component of Oracle Java SE/SE Embedded. Affected: Java SE 7u261, 8u251, 11.0.7, 14.0.1; Java SE Embedded 8u251. Vulnerability type is unspecified in the provided sources, but exploitation is described as unauthenticated with network access via multiple...
CVE-2020-2686
CVE-2020-2686 affects Oracle MySQL Server, specifically the Server: Optimizer component. Affected versions are 8.0.18 and earlier. The vulnerability allows a low-privileged attacker with network access via multiple protocols to potentially cause a hang or a frequently repeating crash (complete DO...
CVE-2020-2853
Summary of CVE-2020-2853 (MySQL) : In Oracle MySQL Server, a vulnerability in the Server: Security: Privileges component affects 8.0.18 and earlier, enabling a highly privileged attacker with network access (via multiple protocols) to trigger a hang or crash of MySQL Server (denial of service). T...
CVE-2021-2169
CVE-2021-2169 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 5.7.33 and prior, and 8.0.23 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause the MySQL Server to hang or crash (DoS). The CVSSv3.1 base...
CVE-2019-2420
CVE-2019-2420 is a vulnerability in the Oracle MySQL Server: Optimizer subcomponent. Affected products/versions include MySQL Server 5.7.24 and prior and 8.0.13 and prior; exploitation requires network access and high privileges, via multiple protocols, to cause a hang or frequent crash (DoS). Co...