743 matches found
CVE-2020-14539
CVE-2020-14539 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and earlier. Exploitation can cause a hang or crash (DoS) with network access via multiple protocols. Cited connected advisories recommend upgrading to non-vu...
CVE-2020-14583
CVE-2020-14583 affects Oracle Java SE/Java SE Embedded (Libraries component). Affected: Java SE 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded 8u251. Exploitation requires network access with user interaction and can lead to takeover of Java SE/Embedded with high impact on confidentiality, int...
CVE-2020-2577
CVE-2020-2577 affects Oracle MySQL Server: InnoDB is the vulnerable component. Affected versions are 5.7.28 and earlier, and 8.0.18 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Connected...
CVE-2020-2584
CVE-2020-2584 affects Oracle MySQL Server (component: Server: Options). Affected versions are 5.7.28 and prior, and 8.0.18 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise MySQL Server, potentially leading to unauthorized acces...
CVE-2020-2759
CVE-2020-2759 affects Oracle MySQL Server (Server: Replication) with affected versions 8.0.19 and earlier. The vulnerability is exploitable over the network via multiple protocols and can lead to a hang or repeated crashes (high-availability Denial of Service) as described in the CVE entry. Conne...
CVE-2020-2930
CVE-2020-2930 affects Oracle MySQL's MySQL Server, component Server: Parser. Affects 8.0.19 and earlier; exploitation can enable a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). Remediation referenced in a related package update is upgrading to ...
CVE-2021-2028
CVE-2021-2028 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.21 and earlier. Vulnerability details: a high-privilege attacker with network access via multiple protocols can cause a complete DoS by hanging or crashing the MySQL Server. This matches the initial vulnerability descri...
CVE-2020-14663
CVE-2020-14663 affects Oracle MySQL Server (component: Server: Security: Privileges). Affected: MySQL 8.0.20 and earlier. Root cause: privilege escalation through the Server security subsystem allowing a high-privilege attacker to compromise the MySQL Server over network via multiple protocols. I...
CVE-2020-2573
CVE-2020-2573 affects Oracle MySQL’s C API client. Affects: MySQL Client, versions 5.7.28 and earlier, and 8.0.18 and earlier. Root cause: a vulnerability in the C API that allows an unauthenticated, network-based attacker access via multiple protocols to cause a hang or frequent, repeatable cras...
CVE-2020-2904
CVE-2020-2904 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions: 8.0.19 and earlier. The issue enables a high-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (complete DoS) of MySQL Server. The connected sources indicate ...
CVE-2020-14852
CVE-2020-14852 affects Oracle MySQL Server (Server: Charsets) and
CVE-2019-2973
CVE-2019-2973 is an issue in Oracle Java SE/Java SE Embedded (component: JAXP) affecting OpenJDK/OpenJDK builds such as 7u231, 8u221, 11.0.4 and 13 (and Embedded 8u221). The vulnerability allows unauthenticated network-accessed exploitation that can cause a partial denial of service in Java SE/SE...
CVE-2019-2945
CVE-2019-2945 affects Oracle Java SE/Java SE Embedded (Networking) with affected Java SE versions 7u231, 8u221, 11.0.4, 13 and Java SE Embedded 8u221. The vulnerability can be exploited over the network by unauthenticated attackers; some vectors require user interaction and may lead to a partial ...
CVE-2020-2781
CVE-2020-2781 concerns Oracle/OpenJDK Java SE JSSE vulnerability that allows unauthenticated network access to degrade availability in Java SE and Java SE Embedded (client/server deployment). The Chainguard data confirms affected OpenJDK JSSE components and versions, aligning with the CVE descrip...
CVE-2021-2058
CVE-2021-2058 affects Oracle MySQL Server (component: Server: Locking) with affected versions 8.0.22 and earlier. The vulnerability allows a high-privileged attacker who can access the server over the network via multiple protocols to cause a hang or frequently repeatable crash (DoS) of MySQL Ser...
CVE-2024-28752
CVE-2024-28752 is a SSRF vulnerability in Apache CXF’s Aegis DataBinding. Affected CXF versions are those before 4.0.4, 3.6.3, and 3.5.8; the issue enables SSRF-style attacks on web services that take at least one parameter. Other data bindings (including default) are not impacted. Remediation: u...
CVE-2019-2535
CVE-2019-2535 affects Oracle MySQL Server (subcomponent: Server: Options). From the public records, affected versions are 8.0.13 and prior. The vulnerability is described as difficult to exploit but can allow a high-privileged attacker who can log on to the host where MySQL Server runs to comprom...
CVE-2020-14830
CVE-2020-14830 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.21 and earlier. Description across sources: low-privilege attacker with network access via multiple protocols can cause the MySQL Server to hang or frequently crash (complete DoS). The connected documents confirm ...
CVE-2021-2202
CVE-2021-2202 affects Oracle MySQL Server (Server: Replication). Affected: MySQL 5.7.32 and earlier; 8.0.22 and earlier. Exploitation by a low-privileged, network-authenticated attacker via multiple protocols can cause a hang or repeated crash (DoS) of MySQL Server (CVSS v3.1 base 6.5, Availabili...
CVE-2019-2914
CVE-2019-2914 affects Oracle MySQL Server (component: Server: Security: Encryption). Affected versions: 5.7.27 and prior, 8.0.17 and prior. Exploitation requires low privileges and network access; can result in a hang or complete DoS of MySQL Server (A: HIGH). CVSS 3.0 base score 6.5 (Availabilit...
CVE-2020-10878
Perl before 5.30.3 contains an integer overflow in the regular expression compiler (related to PL_regkind[OP(n)] == NOTHING). A crafted regex can produce malformed bytecode with a possibility of instruction injection, as documented by multiple advisories and CVEs (e.g., CVE-2020-10878). Public re...
CVE-2020-14777
Oracle MySQL Server vulnerability CVE-2020-14777 affects the Server: Optimizer in MySQL 8.0.21 and earlier. An attacker with network access via multiple protocols and high privileges can cause the server to hang or crash (DoS). Affected product/version details are supported in connected documents...
CVE-2021-35567
CVE-2021-35567 affects Oracle Java SE and GraalVM Enterprise Edition libraries; root cause is incorrect principal selection when Kerberos Constrained Delegation is used. Affected: Java SE 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0 (Libraries component). Impact includes potential unauthorized...
CVE-2024-21144
CVE-2024-21144 affects Oracle Java SE and Oracle GraalVM Enterprise Edition (component: Concurrency; also listed under Hotspot, 2D, and other Java runtime areas in related entries). Affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14, 21.3.10 (and o...
CVE-2020-14678
CVE-2020-14678 affects the MySQL Server component “Server: Security: Privileges” in Oracle MySQL. Affected versions are 8.0.20 and prior. The exploit requires network access via multiple protocols and a high-privilege attacker can compromise and take over the MySQL Server. Public advisories align...
CVE-2020-14790
Oracle MySQL Server (Server: PS) is affected in 5.7.31 and earlier and 8.0.21 and earlier. An attacker with network access via multiple protocols can exploit this to cause the server to hang or crash (DoS). Public details show suggested fixes via upgrading to newer MySQL versions (e.g., MySQL 8.0...
CVE-2020-14867
CVE-2020-14867 affects Oracle MySQL Server (Server: DDL). Affected versions are 5.6.49 and earlier, 5.7.31 and earlier, and 8.0.21 and earlier. The vulnerability can be exploited by a highly privileged attacker with network access via multiple protocols to cause the MySQL Server to hang or crash ...
CVE-2020-2898
CVE-2020-2898 affects Oracle MySQL Server, specifically the Server: Charsets component in version 8.0.19. The vulnerability can allow a high-privilege attacker with network access to cause a hang or crash (DoS) of MySQL Server. Connected sources corroborate the issue as a denial-of-service-type v...
CVE-2024-21012
The CVE-2024-21012 entry concerns Oracle Java SE and Oracle GraalVM variants (JDK and Enterprise Edition) with a Networking component vulnerability. Affected products/versions include Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; GraalVM for JDK: 17.0.10, 21.0.2, 22; GraalVM Enterprise Edition: 2...
CVE-2019-2532
CVE-2019-2532 affects Oracle MySQL Server, subcomponent Server: Security: Privileges. Affected: MySQL Server versions 5.7.24 and earlier, and 8.0.13 and earlier. Description states an easily exploitable, network-accessible vulnerability that can grant high privileges to an attacker and may cause ...
CVE-2020-14540
CVE-2020-14540 affects Oracle MySQL Server (Server: DML). Affected: MySQL 5.7.30 and earlier and 8.0.20 and earlier. Exploitation can allow a high-privilege attacker with network access via multiple protocols to cause a denial of service (hang or crash). Remediation in public advisories: upgrade ...
CVE-2020-14559
CVE-2020-14559 affects Oracle MySQL Server, specifically the Server: Information Schema component. Affected: MySQL Server versions 5.6.48 and earlier, 5.7.30 and earlier, and 8.0.20 and earlier. The vulnerability allows a low-privilege, network-accessible attacker to read a subset of data from My...
CVE-2020-14773
CVE-2020-14773 affects Oracle MySQL Server (Server: Optimizer). Affected versions: 8.0.21 and earlier. An attacker with high privileges and network access via multiple protocols can trigger a hang or crash (DoS) of MySQL Server. The entry does not describe specific exploit vectors or affected con...
CVE-2020-2583
CVE-2020-2583 affects OpenJDK/OpenJDK-derived packages across multiple vendors and OSes, with the Serialization component (and related areas) being impacted. Public advisories in Debian (DLA-2128-1) and CentOS/Red Hat family outline affected versions such as Java 7u241/8u231/11.0.5/13.0.1 (and em...
CVE-2020-2893
CVE-2020-2893 is an Oracle MySQL InnoDB vulnerability affecting 8.0.19 and earlier. An attacker with network access and high privileges can cause a hang or crash (denial of service) via multiple protocols. Connected sources enumerate this issue under MySQL Server/InnoDB and corroborate the 4.9 CV...
CVE-2021-2217
CVE-2021-2217 affects Oracle MySQL Server (component: Server: Stored Procedure) with vulnerable versions 8.0.23 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause a hang or crash (Denial of Service) of MySQL Server (CVSS v3.1 base 4.9). Pub...
CVE-2020-14579
CVE-2020-14579 affects Oracle Java SE/Embedded (Libraries component) with affected Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. The connected advisories confirm network-remote, unauthenticated access leading to a partial denial of service via multiple protocols, per CVSS 3.1 Base Score 3.7 ...
CVE-2020-14619
CVE-2020-14619 affects Oracle MySQL Server 8.0.20 and earlier, due to a vulnerability in Server: Parser that can cause a denial of service. Exploitation could lead to a hang or frequent crash. Remediation is to upgrade to a newer MySQL 8.0 release; distros list fixes (e.g., Gentoo: >=8.0.24, A...
CVE-2020-14837
CVE-2020-14837 affects Oracle MySQL Server 8.0.21 and earlier, specifically the Server: Optimizer component. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or frequent crash (DoS). CVSS 3.1 base score is 4.9 (Availability). Affected v...
CVE-2020-2897
CVE-2020-2897 affects Oracle MySQL Server (component: Server: Optimizer) with affected versions 8.0.19 and earlier. The vulnerability enables a high-privilege attacker who can reach the server over multiple network protocols to cause a hang or frequent crash (denial of service) of MySQL Server. T...
CVE-2021-2055
CVE-2021-2055 affects the MySQL Server (Oracle) with the Server: Optimizer component, affecting 8.0.21 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (DoS) of MySQL Server, with CVSS v3.1 b...
CVE-2021-2208
CVE-2021-2208 affects Oracle MySQL Server (Server: Partition) with affected versions 8.0.23 and earlier. The vulnerability can be exploited by an authenticated, high-privilege attacker over network via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Connected sources confirm th...
CVE-2020-14769
CVE-2020-14769 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 5.6.49 and prior, 5.7.31 and prior, 8.0.21 and prior. The vulnerability in the Optimizer can be exploited by a low-privilege, network-contact attacker to cause the server to hang or crash (DoS). CVSSv3.1 base score 6....
CVE-2021-2160
CVE-2021-2160 affects Oracle MySQL Server (Server: Optimizer). Affects MySQL 5.7.30 and earlier, and 8.0.17 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause the server to hang/crash (DoS). The vulnerability details and CVSS indicate avail...
CVE-2021-2193
CVE-2021-2193 affects Oracle MySQL Server (component: Server: Optimizer). Vulnerable in MySQL 8.0.23 and earlier. Root cause described as an easily exploitable feature/condition enabling a high-privileged attacker with network access (via multiple protocols) to cause a hang or frequently repeatab...
CVE-2020-14794
CVE-2020-14794 affects Oracle MySQL Server 8.0.21 and earlier (Server: Optimizer). The vulnerability can cause the server to hang or crash, enabling a high-privilege attacker with network access to trigger a complete DoS. Public sources in the connected set corroborate the issue and identify the ...
CVE-2020-2588
CVE-2020-2588 is a MySQL Server vulnerability (Oracle MySQL) in the Server: DML component. Affected products/versions shown in the sources are MySQL 8.0.18 and earlier. The issue is exploitable by a high-privilege attacker with network access via multiple protocols, and successful exploitation ca...
CVE-2020-2896
CVE-2020-2896 affects the MySQL Server (Oracle MySQL), specifically the Server: Information Schema component. Affected are 8.0.19 and earlier. The vulnerability allows a high-privilege attacker who has network access via multiple protocols to cause the MySQL Server to hang or crash (complete deni...
CVE-2020-2923
CVE-2020-2923 affects Oracle MySQL Server, component Server: Optimizer, with affected versions 8.0.19 and earlier. The vulnerability allows a high-privileged attacker who can access the service over network through multiple protocols to cause a hang or crash (Denial of Service). The connected Alm...
CVE-2020-2924
CVE-2020-2924 affects Oracle MySQL Server (component: Server: Optimizer) with vulnerable versions 8.0.19 and earlier. The issue can be exploited by a highly privileged attacker over the network via multiple protocols to cause a hang or crash of MySQL Server (complete DoS). The provided documents ...