Mysql Enterprise Monitor@8.0.20 Security Vulnerabilities and Issues — Mysql Enterprise Monitor@8.0.20 CVE List

Lucene search

OracleMysql Enterprise Monitor8.0.20

7 matches found

CVE•added 2020/02/24 10:15 p.m.•4132 views

CVE-2020-1938

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

9.8CVSS9.9AI score0.94465EPSS

In wild

CVE•added 2020/02/24 10:15 p.m.•1426 views

CVE-2020-1935

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse prox...

5.8CVSS7.4AI score0.00754EPSS

CVE•added 2020/04/21 2:15 p.m.•701 views

CVE-2020-1967

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorit...

7.5CVSS7.5AI score0.67225EPSS

CVE•added 2019/12/06 6:15 p.m.•517 views

CVE-2019-1551

There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are ...

5.3CVSS6AI score0.04845EPSS

CVE•added 2020/02/24 10:15 p.m.•505 views

CVE-2019-17569

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behin...

5.8CVSS7AI score0.06163EPSS

CVE•added 2020/01/17 7:15 p.m.•214 views

CVE-2020-5397

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not inc...

5.3CVSS5.5AI score0.00889EPSS

CVE•added 2018/10/18 10:29 p.m.•178 views

CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller ...

7.5CVSS7.3AI score0.13375EPSS