137 matches found
CVE-2019-2755
CVE-2019-2755 affects the MySQL Server component of Oracle MySQL (Server: Replication). The vulnerability can be exploited by a high-privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (complete DoS) of MySQL Server. Affected versions incl...
CVE-2022-4904
CVE-2022-4904 affects the c-ares library. The issue stems from missing input validation in ares_set_sortlist, enabling an arbitrary-length stack overflow and potentially causing denial of service with limited impacts to confidentiality and integrity. Connected advisories indicate this vulnerabili...
CVE-2019-2819
CVE-2019-2819 affects Oracle MySQL MySQL Server (subcomponent: Server: Security: Audit). Affected versions: 5.6.44 and prior, 5.7.26 and prior, 8.0.16 and prior. Attack requires network access; impact can be a hang/crash (DOS) and unauthorized data updates/deletes. Remediation in public advisorie...
CVE-2014-4650
CVE-2014-4650 affects the CGIHTTPServer module in Python 2.7.5 and 3.3.4, where URL-encoded path separators (e.g., %2f) can allow remote attackers to read CGI script sources, traverse directories, or execute unintended code. Connected advisories document this vulnerability alongside related Pytho...
CVE-2019-2434
CVE-2019-2434 affects the Oracle MySQL Server component (subcomponent: Server: Parser). Affected versions include 5.7.24 and earlier and 8.0.13 and earlier. It is exploitable over the network by a low-privileged attacker and can cause a hang or a crash (availability impact) in MySQL Server. The C...
CVE-2019-2420
CVE-2019-2420 is a vulnerability in the Oracle MySQL Server: Optimizer subcomponent. Affected products/versions include MySQL Server 5.7.24 and prior and 8.0.13 and prior; exploitation requires network access and high privileges, via multiple protocols, to cause a hang or frequent crash (DoS). Co...
CVE-2019-2539
In the provided connected documents, CVE-2019-2539 is described as a vulnerability in the MySQL Server component (subcomponent: Server: Connection). Affected versions are 8.0.13 and prior. The flaw can be exploited by a highly privileged attacker with network access via multiple protocols to caus...
CVE-2019-2811
CVE-2019-2811 is a MySQL Server vulnerability (subcomponent: Security: Privileges). The initial description notes affected versions are 8.0.16 and prior, with an attacker who has network access via multiple protocols being able to exploit the issue to cause a hang or crash (DoS) of MySQL Server. ...
CVE-2019-2535
CVE-2019-2535 affects Oracle MySQL Server (subcomponent: Server: Options). From the public records, affected versions are 8.0.13 and prior. The vulnerability is described as difficult to exploit but can allow a high-privileged attacker who can log on to the host where MySQL Server runs to comprom...
CVE-2019-2683
CVE-2019-2683 is a vulnerability in Oracle MySQL’s MySQL Server component, specifically the Server: Options area. Affected versions are 5.6.43 and earlier, 5.7.25 and earlier, and 8.0.15 and earlier. The issue is exploitable over the network via multiple protocols and can allow a high privileged ...
CVE-2021-3656
CVE-2021-3656 describes a flaw in the KVM hypervisor for AMD processors where the L1 guest can provide a VMCB with an improperly validated virt_ext field, allowing the L1 to disable VMLOAD/VMSAVE intercepts and VLS for the L2 guest. This enables the L2 guest to read/write portions of the host’s p...
CVE-2019-2784
CVE-2019-2784 affects Oracle MySQL Server (Server: DML) with vulnerable versions 8.0.16 and earlier. The issue enables a high-privileged attacker, over network via multiple protocols, to cause a hang or crash (complete DOS) of MySQL Server. Remediation in linked advisories shows a fix as upgrade ...
CVE-2019-2808
CVE-2019-2808 affects Oracle MySQL Server (Server: Optimizer). The connected advisories show vulnerable versions include 8.0.16 and earlier; exploitation can allow a high-privilege attacker with network access via multiple protocols to cause a hang or a full crash (DoS) of MySQL Server. Remediati...
CVE-2019-2532
CVE-2019-2532 affects Oracle MySQL Server, subcomponent Server: Security: Privileges. Affected: MySQL Server versions 5.7.24 and earlier, and 8.0.13 and earlier. Description states an easily exploitable, network-accessible vulnerability that can grant high privileges to an attacker and may cause ...
CVE-2019-2530
CVE-2019-2530 is a vulnerability in Oracle MySQL Server (Server: Optimizer). Affected are MySQL 8.0.13 and earlier. It allows a high-privileged attacker with network access to cause a hang or a frequent crash (DoS); CVSS 3.1 base score 4.9. Remediation in advisories (e.g., RHSA-2019:2511) is to u...
CVE-2023-39417
CVE-2023-39417 concerns a SQL injection in PostgreSQL extension scripting substitutions (@extowner@/@extschema@ inside quotes) that can, with administrator-installed vulnerable non-bundled extensions and database CREATE privilege, allow arbitrary code execution as the bootstrap superuser. Affecte...
CVE-2019-2533
CVE-2019-2533 affects Oracle MySQL Server (Server: Privileges) with affected versions up to 8.0.13. The vulnerability allows a low-privileged, networked attacker to compromise MySQL Server, potentially leading to unauthorized creation, deletion or modification of data or access to all data on the...
CVE-2019-2617
CVE-2019-2617 is a MySQL Server vulnerability in the Server: Replication path. Affected: MySQL 8.0.15 and prior. Exploitation requires network access via multiple protocols and can lead to a hang or full crash (DOS). Remediation in vendor advisories includes upgrading to fixed releases (e.g., Red...
CVE-2019-2757
CVE-2019-2757 affects Oracle MySQL (MySQL Server, subcomponent Server: Optimizer). Affected versions are 5.7.26 and prior and 8.0.16 and prior. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) in MySQL Server...
CVE-2019-2814
CVE-2019-2814 affects the MySQL Server component (InnoDB) of Oracle MySQL. Affected versions are 8.0.16 and earlier. The vulnerability is described as difficult to exploit but allows a high-privilege attacker with network access to update, insert, or delete some MySQL data, implying an integrity ...
CVE-2019-2581
CVE-2019-2581 affects Oracle MySQL Server, subcomponent Server: Optimizer. Affected versions are 5.7.25 and prior and 8.0.15 and prior. The vulnerability arises in the MySQL Optimizer path and can, with network access, allow a high-privilege attacker to trigger a hang or a complete DoS via certai...
CVE-2019-2536
CVE-2019-2536 affects the MySQL Server subcomponent “Server: Packaging” in Oracle MySQL. Affected versions are 8.0.13 and earlier. The vulnerability is described as difficult to exploit and requires a user with high privileges and user interaction, with the potential to cause a hang or a complete...
CVE-2019-2681
CVE-2019-2681 affects Oracle MySQL’s MySQL Server component, specifically the Optimizer subcomponent. Affected versions are 8.0.15 and prior. The vulnerability allows a high-privilege attacker who can reach the server over multiple network protocols to cause a hang or a frequent crash (DoS) in My...
CVE-2019-2436
CVE-2019-2436 affects Oracle MySQL Server (subcomponent: Server: Replication). Affected: MySQL 8.0.13 and prior. Impact: high-privilege attacker with network access via multiple protocols can cause a hang or complete denial of service, and can also update/insert/delete some data. Remediation: upg...
CVE-2019-2585
CVE-2019-2585 is a vulnerability in the MySQL Server component (InnoDB) of Oracle MySQL. Affected versions are 8.0.15 and prior . An attacker with network access and high privileges can cause a hang or complete denial of service via multiple protocols. Public advisories consistently describe Inno...
CVE-2019-2800
CVE-2019-2800 affects Oracle MySQL Server (subcomponent: Server: Replication) with affected versions 8.0.16 and prior. The vulnerability arises in the MySQL Server replication path, enabling a low-privileged, network-accessible attacker to cause a hang or frequent crash (DOS) and may also give un...
CVE-2019-2774
CVE-2019-2774 affects the MySQL Server component (Server: Optimizer) of Oracle MySQL. Affected versions are 5.7.26 and earlier and 8.0.16 and earlier. The vulnerability can be triggered by a high-privilege attacker with network access via multiple protocols, potentially causing a hang or repeated...
CVE-2019-2607
CVE-2019-2607: A vulnerability in the MySQL Server component (subcomponent: Server: Optimizer) affects Oracle MySQL 8.0.x up to and including 8.0.15. An attacker with network access via multiple protocols and high privileges can trigger a hang or a complete DoS in MySQL Server. Public advisories ...
CVE-2019-2625
CVE-2019-2625 is a vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Affected versions are 8.0.15 and prior. An attacker with network access and high privileges can exploit this to cause a hang or a complete denial of service on the MySQL Server. The C...
CVE-2019-2879
CVE-2019-2879 is a vulnerability in Oracle MySQL's MySQL Server, subcomponent InnoDB. The publicly documented affected versions are 8.0.16 and earlier, with exploitation achievable over network to cause a hang or crash of MySQL Server (high availability impact). Multiple connected advisories (RHS...
CVE-2019-2593
CVE-2019-2593 affects Oracle MySQL Server (InnoDB) with affected versions 8.0.15 and earlier. The vulnerability is exploitable over the network by a highly privileged attacker and can cause a hang or crash (DoS) of MySQL Server (availability impact). Documented in multiple advisories (e.g., CentO...
CVE-2019-2606
CVE-2019-2606 is a vulnerability in the Oracle MySQL Server component (Server: Security: Privileges). Documents consistently define the affected scope as MySQL Server, with vulnerable versions listed as 8.0.15 and prior. The exploit scenario described is a high-privilege attacker with network acc...
CVE-2019-2626
CVE-2019-2626 : A vulnerability in the MySQL Server component (subcomponent: Server: DDL) affecting Oracle MySQL. Affected versions are 8.0.15 and prior. An attacker with network access via multiple protocols and with high privileges can cause the MySQL Server to hang or crash (DOS). The connecte...
CVE-2019-2635
CVE-2019-2635: Vulnerability in the MySQL Server component (subcomponent: Replication). Affected are Oracle MySQL 8.0.15 and prior. Exploitation via network and multiple protocols can lead to a hang or frequent crash (DoS) of MySQL Server. Severity in CVSS 3.0 Base: 4.9 (Availability impact). Rem...
CVE-2019-2752
CVE-2019-2752 is a vulnerability in the Oracle MySQL Server component (subcomponent: Server: Options). Affected are MySQL Server versions 8.0.16 and prior. The issue enables a high-privileged attacker with network access via multiple protocols to potentially cause a hang or a frequently repeating...
CVE-2019-2796
CVE-2019-2796 affects Oracle MySQL Server, subcomponent Server: Optimizer. Affected versions are 8.0.16 and prior. An attacker with network access via multiple protocols and high privileges can cause a hang or a complete DOS on MySQL Server; CVSS 3.0 Base Score 4.9. Remedies in advisories referen...
CVE-2019-2623
CVE-2019-2623 affects Oracle MySQL Server (subcomponent: Server: Options) with affected versions 8.0.15 and prior. The vulnerability allows a low-privileged attacker with network access via multiple protocols to cause a hang or frequent, repeatable crash of MySQL Server (complete DOS). The issue ...
CVE-2019-2689
CVE-2019-2689 affects Oracle MySQL Server (Server: Optimizer). Affects 8.0.15 and earlier. An attacker with network access via multiple protocols and high privileges can cause a hang or complete DoS (crash) of MySQL Server. Public advisories indicate a fix is available in newer MySQL packages (e....
CVE-2019-2695
CVE-2019-2695 affects Oracle MySQL’s MySQL Server component (subcomponent: Server: Optimizer). Affected versions are 8.0.15 and earlier. An attacker with low privileges, via network access over multiple protocols, can exploit this to cause a hang or a crash (DoS). CVSS 3.0 Base Score: 6.5 (Availa...
CVE-2019-2785
CVE-2019-2785 affects Oracle MySQL Server (InnoDB). Affected: MySQL Server 8.0.16 and earlier. Vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS). Remediation: upgrade to 8.0.17 where addressed (per RHSA-2019:2484). Other sourc...
CVE-2019-2686
CVE-2019-2686 is a vulnerability in the Oracle MySQL Server component (Server: Optimizer). Affected: MySQL 8.0.15 and earlier. Symptom: an attacker with network access via multiple protocols can cause the server to hang or crash (DoS). The supplied connected documents confirm the existence and sc...
CVE-2019-2778
CVE-2019-2778 affects Oracle MySQL Server (Server: Privileges). Affected: 5.7.26 and earlier; 8.0.16 and earlier. An attacker with network access can exploit via multiple protocols to obtain unauthorized update/insert/delete of data and cause partial DoS (per CVSS 3.1 base 5.4). Connected advisor...
CVE-2019-2634
CVE-2019-2634 affects the MySQL Server component of Oracle MySQL (Server: Replication). Affected: 8.0.15 and prior. Description in connected sources shows that an unauthenticated or minimally authenticated attacker could cause a hang or crash (DoS) in MySQL Server through replication pathways. Mo...
CVE-2019-2693
CVE-2019-2693 affects Oracle MySQL Server (subcomponent: Server: Optimizer). Affected versions are 8.0.15 and prior. An attacker with network access via multiple protocols and low privileges can cause a hang or a complete DoS via exploiting the Optimizer, per vendor advisories. The CVSS v3.0 Base...
CVE-2019-2592
CVE-2019-2592 is a vulnerability in Oracle MySQL Server (Server: PS) affecting 5.7.25 and earlier and 8.0.15 and earlier. It can be exploited remotely over multiple protocols by a high-privilege attacker to cause a hang or a complete DoS of MySQL Server. Public advisories from Red Hat, Rocky Linu...
CVE-2019-2624
CVE-2019-2624 (MySQL Server, InnoDB) is a network-exploitable vulnerability in Oracle MySQL’s server component. The connected advisories confirm the affected range is 8.0.15 and earlier, with the vulnerability enabling a high-privilege attacker to cause a hang or complete DOS via multiple protoco...
CVE-2019-2789
CVE-2019-2789 is an Oracle MySQL Server vulnerability (Server: Security: Privileges). Affected versions are 8.0.16 and earlier. The IBM Guardium bulletin states an authenticated attacker with network access can exploit this to access and modify data, with CVSS v3 base score 2.7 and impact: no con...
CVE-2019-2620
CVE-2019-2620 affects the MySQL Server component of Oracle MySQL (subcomponent: Security: Privileges). Affected versions are 8.0.15 and prior. An attacker with network access and high privileges can cause a hang or crash (complete DoS) of MySQL Server. CVSS 3.0 base score is 4.9 (Availability). P...
CVE-2019-2685
CVE-2019-2685 affects Oracle MySQL Server (Server: Optimizer). Affected versions are 8.0.15 and prior. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or crash (DoS) of MySQL Server. Connected documents confirm multiple advisories refe...
CVE-2019-2826
CVE-2019-2826 is a MySQL Server vulnerability affecting the Server: Security: Roles subcomponent. Affected versions are 8.0.16 and prior. The vulnerability can be exploited by a highly privileged attacker with network access via multiple protocols to cause a hang or a complete DOS (crash) of MySQ...