743 matches found
CVE-2021-2300
CVE-2021-2300 affects Oracle MySQL Server (Server: DML) with affected versions 8.0.23 and earlier. The vulnerability could allow a high-privilege attacker, with network access via multiple protocols, to cause a hang or crash (complete DoS) of MySQL Server. The impact is availability loss as descr...
CVE-2021-35559
CVE-2021-35559 is a vulnerability in Oracle Java SE/OpenJDK (Swing component) affecting Java SE versions 7u311, 8u301, 11.0.12, and 17, plus Oracle GraalVM Enterprise Edition 20.3.3 and 21.2.0. The issue is described as easily exploitable with network access and can lead to partial denial of serv...
CVE-2019-2978
CVE-2019-2978 relates to the OpenJDK/Java SE Networking component. Affected Java releases include Java SE: 7u231, 8u221, 11.0.4, 13 and Java SE Embedded: 8u221. Root cause: incorrect handling of nested jar: URLs in the Jar URL handler, which can be triggered via network interaction. Impact: poten...
CVE-2019-2988
CVE-2019-2988 affects Oracle Java SE/SE Embedded (component 2D). Affected: Java SE 7u231, 8u221, 11.0.4, 13; Java SE Embedded 8u221. Root cause: issues in the 2D graphics subsystem enabling unauthenticated network-based access to trigger a partial denial of service. Impact is explicitly a partial...
CVE-2020-14651
CVE-2020-14651 affects MySQL Server (Oracle MySQL), component Server: Security: Roles. Affected versions are 8.0.20 and earlier. An attacker with high privileges who can access the server over the network via multiple protocols can cause a hang or crash (DOS) and may gain unauthorized update/inse...
CVE-2020-2580
CVE-2020-2580 – MySQL Server (Oracle MySQL) – DDL vulnerability . The vulnerability affects MySQL Server component: Server: DDL in 8.0.17 and earlier. A high-privilege attacker who can reach the server over the network via multiple protocols can exploit this to cause a hang or a near-frequent cra...
CVE-2020-2779
The CVE concerns Oracle MySQL Server: Privileges in MySQL Server 8.0.18 and earlier. An attacker with network access (via multiple protocols) could exploit this to cause a hang or frequent crashes (complete DoS). CVSS v3.0 base score is 4.9 (availability impact). Remediation noted in connected ma...
CVE-2020-14614
CVE-2020-14614 affects the MySQL Server (Oracle MySQL) package, specifically the Server: Optimizer. Affected versions are 8.0.20 and earlier. An attacker with high privileges and network access via multiple protocols can exploit this to cause a hang or a complete denial-of-service crash of MySQL ...
CVE-2020-14654
CVE-2020-14654 affects Oracle MySQL Server (component: Server: Optimizer). Affected are MySQL 8.0.20 and earlier. Exploitation requires network access via multiple protocols and can cause a hang or crash (complete DOS) of the MySQL Server. CVSS v3.1 base score 4.9 (Availability). Connected adviso...
CVE-2020-14791
CVE-2020-14791 affects Oracle MySQL Server (InnoDB) with versions 8.0.21 and earlier. The vulnerability is exploitable over network via multiple protocols to high-privilege attackers and can cause partial denial of service on MySQL Server. Public documentation confirms the flaw and associated imp...
CVE-2020-14793
CVE-2020-14793 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 5.6.49 and earlier, 5.7.31 and earlier, 8.0.21 and earlier. Exploitation requires network access, potentially via multiple protocols, with high privileges to cause a hang or crash (DoS). Connected advisories confirm m...
CVE-2020-14845
CVE-2020-14845 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.21 and earlier. The vulnerability enables a network-authenticated, high-privileged attacker to cause a denial of service (hang or crash) in MySQL Server via multiple protocols. Impact: availability disruption; CVS...
CVE-2020-2925
CVE-2020-2925 affects Oracle MySQL Server, component Server: PS, with affected versions 8.0.19 and earlier. The connected sources confirm a high-privilege, network-accessible attacker could cause a hang or frequent crash (DoS) of MySQL Server. No exploit details are provided in the documents. A r...
CVE-2021-35586
CVE-2021-35586 is a vulnerability in Oracle Java SE (Java SE component: ImageIO) and Oracle GraalVM Enterprise Edition (affected versions: Java SE 7u311, 8u301, 11.0.12, 17; GraalVM EE: 20.3.3, 21.2.0) that enables an unauthenticated attacker with network access via multiple protocols to cause a ...
CVE-2018-2562
CVE-2018-2562 affects the MySQL Server component (Partition subcomponent) of Oracle MySQL. Affected versions include 5.5.58 and earlier, 5.6.38 and earlier, and 5.7.19 and earlier. The vulnerability allows a low-privileged, network-attacker with access via multiple protocols to cause a hang or cr...
CVE-2020-14632
CVE-2020-14632 concerns the MySQL Server component “Server: Options.” The vulnerability affects MySQL 8.0.x (8.0.20 and earlier) and can be exploited remotely with high privileges to cause a hang or crash of MySQL Server (DoS) via multiple network protocols. Connected advisories ( MiracleLinux AX...
CVE-2021-35564
CVE-2021-35564 affects Java SE (Keytool) and Oracle GraalVM Enterprise Edition, with affected Java SE versions 7u311, 8u301, 11.0.12, 17 and GraalVM EE 20.3.3/21.2.0. The vulnerability is exploitable remotely with unauthenticated network access and can lead to unauthorized updates/insertions/dele...
CVE-2024-21015
CVE-2024-21015 affects Oracle MySQL Server (component: Server: DML). Influence: vulnerable on MySQL Server versions 8.0.34 and prior and 8.3.0 and prior; exploit can cause hang or crash (DoS) and unauthorized update/insert/delete to some data. Affected by network-accessible vectors; base score 5....
CVE-2019-2989
CVE-2019-2989 affects Oracle Java SE/Java SE Embedded with multiple OpenJDK components (Networking) and is echoed in several advisories. Affected packages include java-1.7.0-openjdk (and variants for 7u231, 7.x, 8u221, 11.0.4, 13; Java SE Embedded 8u221). Other connected entries reference related...
CVE-2019-2998
CVE-2019-2998 affects Oracle MySQL Server, component Server: Optimizer. Affected versions are 8.0.17 and prior. An attacker with network access via multiple protocols and high privileges can cause a hang or complete DoS of MySQL Server. The connected advisories (e.g., MiracleLinux/RHSA-RHSA-2020-...
CVE-2019-3003
CVE-2019-3003 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.16 and earlier. The vulnerability is exploitable remotely over multiple protocols by a high-privilege attacker, potentially causing a hang or crash (DoS) of MySQL Server. CVSS 3.0 Base Score is 4.9 (Availability impact)...
CVE-2022-21328
CVE-2022-21328 relates to Oracle MySQL Cluster. Connected CNVD entry describes an input validation error in Oracle MySQL Cluster, making the cluster vulnerable to an attacker who can execute arbitrary code via that flaw. Affected are MySQL Cluster components for versions 7.4.34 and prior, 7.5.24 ...
CVE-2022-21336
The CVE-2022-21336 entry corresponds to Oracle MySQL Cluster (Cluster: General). Affected releases include 7.4.34 and earlier, 7.5.24 and earlier, 7.6.20 and earlier, and 8.0.27 and earlier. The vulnerability is exploitable by a high-privilege attacker with access to the hardware’s physical commu...
CVE-2019-2999
CVE-2019-2999 is a Java SE Javadoc vulnerability affecting multiple OpenJDK/OpenJDK-derived builds (e.g., Java 7u231, 8u221, 11.0.4, 13.0.1) where the Javadoc component could allow unauthenticated network access leading to data exposure/updating under a sandboxed Java Web Start/Applet context. Co...
CVE-2020-14860
Oracle MySQL CVE-2020-14860 affects MySQL Server 8.0.21 and earlier, specifically the Security: Roles component. The vulnerability could allow a high-privileged attacker with network access via multiple protocols to modify data (unauthorized update/insert/delete) in MySQL Server. Root cause and e...
CVE-2020-2659
CVE-2020-2659 affects Oracle Java SE/SE Embedded (Networking) with vulnerable openjdk7/8 builds (7u241, 8u231; Embedded 8u231). The issue is a networking component flaw in DatagramChannelImpl that could let an unauthenticated attacker cause a partial denial of service over the network. Several co...
CVE-2020-14838
CVE-2020-14838 affects Oracle MySQL Server (Server: Security: Privileges) for MySQL 8.0.21 and earlier. The vulnerability allows a low-privileged, network-authenticated attacker to read a subset of MySQL Server data via multiple protocols due to the Privileges component exposure. CVSS 3.1 Base Sc...
CVE-2019-2969
CVE-2019-2969 is a vulnerability in Oracle MySQL Server, specifically the client programs component. The connected sources indicate affected MySQL Server client-side code with versions 5.6.44 and earlier, 5.7.26 and earlier, and 8.0.16 and earlier. The issue is exploitable by an unauthenticated a...
CVE-2020-14597
CVE-2020-14597 affects Oracle MySQL Server, component Server: Optimizer, in 8.0.20 and earlier. A high-privilege attacker with network access via multiple protocols can exploit this to cause a hang or frequent crash (DoS) of MySQL Server. https://nvd.nist.gov shows CVSS 3.1 base score 4.9 (AV:N/A...
CVE-2020-14809
CVE-2020-14809 affects Oracle MySQL Server (Server: Optimizer). Affected versions are 8.0.21 and earlier. The issue allows a high-privileged attacker who can reach the server over multiple network protocols to cause a hang or frequent crash (DoS) in MySQL Server. The provided documents do not spe...
CVE-2021-3522
CVE-2021-3522 affects GStreamer before 1.18.4, where an out-of-bounds read may occur when handling certain ID3v2 tags. The issue is evidenced in multiple connected documents (e.g., Astra Linux advisory and Amazon Linux advisories) referencing an out-of-bounds read impacting availability. The conc...
CVE-2022-21340
CVE-2022-21340 concerns Oracle Java SE and GraalVM Enterprise Edition. The vulnerability affects Oracle Java SE components (Libraries) and GraalVM Enterprise Edition libraries listed as affected: Java SE 7u321, 8u311, 11.0.13, 17.0.1; GraalVM Enterprise Edition 20.3.4 and 21.3.0. The description ...
CVE-2020-14836
CVE-2020-14836 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.21 and earlier. Vulnerability allows a low-privileged, network-access attacker (via multiple protocols) to cause the server to hang or crash (complete DoS) as described in the CVE entry. Some connected advisories ...
CVE-2022-21291
CVE-2022-21291 affects Oracle Java SE (Hotspot) and Oracle GraalVM Enterprise Edition. Affected versions include Oracle Java SE 7u321, 8u311, 11.0.13, 17.0.1 and GraalVM EE 20.3.4/21.3.0. It is exploitable over network via multiple protocols and can lead to unauthorized updates/deletes of data or...
CVE-2018-3058
The connected advisory entries substantiate CVE-2018-3058 as a real MySQL/MariaDB vulnerability affecting Oracle MySQL Server (MyISAM subcomponent) with affected 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior. The issue allows a low-privilege, network-access attacker via multiple protocols ...
CVE-2022-21249
CVE-2022-21249 affects Oracle MySQL Server (Server: DDL) with affected versions up through 8.0.27 and earlier. The issue can be triggered by an attacker with network access via multiple protocols, potentially enabling a partial DoS on MySQL Server. The connected documents confirm affected package...
CVE-2022-21331
The CVE-2022-21331 issue affects Oracle MySQL Cluster (Cluster: General) with affected versions 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior, and 8.0.27 and prior. The vulnerability could allow an attacker with high privileges who has access to the hardware’s physical network segment to r...
CVE-2021-35565
CVE-2021-35565 affects Java SE (JSSE) and OpenJDK components across Java releases (7u311, 8u301, 11.0.12) and Oracle GraalVM Enterprise Edition (20.3.3, 21.2.0). The issue arises in TLS handling via the HttpsServer, enabling an unauthenticated network attacker to cause a partial denial of service...
CVE-2019-2948
CVE-2019-2948 is a vulnerability in Oracle MySQL Server (component: Server: Optimizer). Affected versions are 5.7.26 and earlier, and 8.0.16 and earlier. It permits a high-privilege attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (DoS). The conne...
CVE-2020-14575
The CVE-2020-14575 entry concerns Oracle MySQL Server (Server: DML) affecting 8.0.20 and earlier. The vulnerability is exploitable remotely over multiple protocols by a high-privilege attacker and can cause a hang or frequent crash (DoS) of MySQL Server. The CVSS 3.1 base score is 4.9 (Availabili...
CVE-2022-21341
CVE-2022-21341 is an openly documented vulnerability affecting Oracle Java SE and Oracle GraalVM Enterprise Edition across multiple components (Serialization, JAXP, ImageIO, Hotspot, Libraries, 2D, etc.). Affected versions include Java SE 7u321, 8u311, 11.0.13, 17.0.1 and GraalVM EE 20.3.4/21.3.0...
CVE-2020-14821
CVE-2020-14821 affects Oracle MySQL Server (InnoDB) and targets MySQL 8.0.21 and earlier. An authenticated, high-privilege attacker with network access via multiple protocols can cause a hang or complete DoS of MySQL Server. Public documents identify affected packages and note remediation through...
CVE-2022-21301
CVE-2022-21301 affects Oracle MySQL Server (Server: DML). Affected: MySQL 8.0.27 and earlier. Attackers with network access via multiple protocols could cause a hang or crash (DOS) and perform unauthorized data updates. Base impact: Availability and Integrity (CVSS 3.1 vector in sources). Remedia...
CVE-2022-21303
CVE-2022-21303 affects Oracle MySQL Server (component: Server: Stored Procedure). Affected versions are MySQL 5.7.36 and earlier and 8.0.27 and earlier. The vulnerability allows a high-privileged attacker with network access via multiple protocols to cause a hang or frequent crash (DoS) on the My...
CVE-2018-3278
CVE-2018-3278 affects Oracle MySQL Server (component: Server: RBR). Affected versions: 5.6.41 and prior; 5.7.23 and prior; 8.0.12 and prior. An attacker with network access via multiple protocols and high privileges can, per the description, cause a hang or a frequently repeatable crash (DOS). Th...
CVE-2022-21265
CVE-2022-21265 affects Oracle MySQL Server (Server: Optimizer) on 8.0.27 and earlier. The vulnerability arises in the Optimizer component and can allow a high-privileged attacker with network access via multiple protocols to update/insert/delete data and cause partial denial of service. Remediati...
CVE-2022-21304
CVE-2022-21304 affects Oracle MySQL Server (Server: Parser). Affected versions: MySQL 5.7.36 and earlier; 8.0.27 and earlier. The vulnerability can be exploited by a privileged attacker with network access via multiple protocols to cause the server to hang or crash (partial/complete DoS) as descr...
CVE-2023-21940
CVE-2023-21940 is a MySQL Server vulnerability affecting the 8.0.32 and earlier series in the Server: Components Services area. The issue allows a high-privilege attacker with network access to cause a hang or a crash (DoS) via multiple protocols. Supported versions affected are 8.0.32 and prior....
CVE-2019-2983
CVE-2019-2983 affects Oracle Java SE/Java SE Embedded (component: Serialization). Affected: Java SE 7u231, 8u221, 11.0.4, 13; Java SE Embedded 8u221. Unauthenticated attacker with network access can trigger a partial denial of service in Java SE/Embedded. Base CVSSv3.0 score 3.7 (Network, High/No...
CVE-2021-45960
CVE-2021-45960 (Expat/libexpat) is corroborated by connected advisories describing a left shift (29 or more) in storeAtts() of xmlparse.c that can trigger realloc misbehavior, potentially leading to allocation errors or memory mismanagement in Expat before 2.4.3. The CVE is repeatedly listed acro...