Lucene search

K
OracleMysql Connectors

17 matches found

CVE
CVE
added 2021/03/25 3:15 p.m.758 views

CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a...

5.9CVSS6.7AI score0.15408EPSS
CVE
CVE
added 2020/04/21 2:15 p.m.711 views

CVE-2020-1967

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorit...

7.5CVSS7.5AI score0.67225EPSS
CVE
CVE
added 2021/08/24 3:15 p.m.650 views

CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size req...

9.8CVSS9.9AI score0.03046EPSS
CVE
CVE
added 2021/08/24 3:15 p.m.631 views

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byt...

7.4CVSS8AI score0.01294EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.555 views

CVE-2023-21971

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

5.3CVSS5.2AI score0.00122EPSS
Web
CVE
CVE
added 2021/03/25 3:15 p.m.525 views

CVE-2021-3450

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...

7.4CVSS7.6AI score0.00905EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.290 views

CVE-2022-21824

Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "proto ". The prototype pollution has...

8.2CVSS8.1AI score0.00335EPSS
CVE
CVE
added 2022/01/19 12:15 p.m.284 views

CVE-2022-21363

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

6.6CVSS6AI score0.00279EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.260 views

CVE-2021-44531

Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and

7.4CVSS7.5AI score0.00076EPSS
CVE
CVE
added 2019/11/08 3:15 p.m.259 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01412EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.251 views

CVE-2021-44533

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and

5.3CVSS6.3AI score0.00364EPSS
CVE
CVE
added 2022/02/24 7:15 p.m.241 views

CVE-2021-44532

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and

5.3CVSS6.6AI score0.00132EPSS
CVE
CVE
added 2021/10/20 11:16 a.m.214 views

CVE-2021-2471

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful...

7.9CVSS5.5AI score0.62751EPSS
CVE
CVE
added 2019/01/16 7:30 p.m.174 views

CVE-2019-2435

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connector...

8.1CVSS7.4AI score0.0229EPSS
CVE
CVE
added 2017/04/24 7:59 p.m.101 views

CVE-2017-3586

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Whil...

6.4CVSS5.3AI score0.00358EPSS
CVE
CVE
added 2025/04/15 9:16 p.m.96 views

CVE-2025-30706

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attac...

7.5CVSS6.9AI score0.00088EPSS
CVE
CVE
added 2025/04/15 9:16 p.m.96 views

CVE-2025-30714

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful ...

4.8CVSS3.9AI score0.00034EPSS