Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-0168

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-12 Mar, 2013 | 22:00
Updated At-06 Aug, 2024 | 14:18
Rejected At-
Credits

The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:12 Mar, 2013 | 22:00
Updated At:06 Aug, 2024 | 14:18
Rejected At:
▼CVE Numbering Authority (CNA)

The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://bugzilla.redhat.com/show_bug.cgi?id=893355
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-0211.html
vendor-advisory
x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/81834
vdb-entry
x_refsource_XF
http://www.securitytracker.com/id/1028076
vdb-entry
x_refsource_SECTRACK
http://www.securityfocus.com/bid/57750
vdb-entry
x_refsource_BID
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=893355
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0211.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/81834
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securitytracker.com/id/1028076
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securityfocus.com/bid/57750
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://bugzilla.redhat.com/show_bug.cgi?id=893355
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-0211.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/81834
vdb-entry
x_refsource_XF
x_transferred
http://www.securitytracker.com/id/1028076
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securityfocus.com/bid/57750
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=893355
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0211.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/81834
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securitytracker.com/id/1028076
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securityfocus.com/bid/57750
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:12 Mar, 2013 | 23:55
Updated At:29 Apr, 2026 | 01:13

The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to cause a denial of service (free space consumption of other storage domains) via unspecified vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches

Red Hat, Inc.
redhat
>>enterprise_virtualization_manager>>Versions up to 3.1(inclusive)
cpe:2.3:a:redhat:enterprise_virtualization_manager:*:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_virtualization_manager>>2.1
cpe:2.3:a:redhat:enterprise_virtualization_manager:2.1:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_virtualization_manager>>2.2
cpe:2.3:a:redhat:enterprise_virtualization_manager:2.2:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_virtualization_manager>>2.2.3
cpe:2.3:a:redhat:enterprise_virtualization_manager:2.2.3:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_virtualization_manager>>3.0
cpe:2.3:a:redhat:enterprise_virtualization_manager:3.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-264Primarynvd@nist.gov
CWE ID: CWE-264
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://rhn.redhat.com/errata/RHSA-2013-0211.htmlsecalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/bid/57750secalert@redhat.com
N/A
http://www.securitytracker.com/id/1028076secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=893355secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/81834secalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-0211.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/57750af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1028076af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=893355af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/81834af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0211.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/57750
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1028076
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=893355
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/81834
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0211.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/57750
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1028076
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=893355
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/81834
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

223Records found

CVE-2017-3238
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-4.79% / 90.85%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Action-Not Available
Vendor-MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_server_ausenterprise_linux_eusMySQL Server
CVE-2014-0401
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.79% / 88.66%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2014-0412
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.36% / 87.25%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2014-0402
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.36% / 87.25%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 02:50
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2014-0386
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.36% / 87.25%
||
7 Day CHG~0.00%
Published-15 Jan, 2014 | 01:33
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2013-4296
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-2.68% / 83.97%
||
7 Day CHG~0.00%
Published-30 Sep, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxlibvirtenterprise_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3839
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.09% / 86.12%
||
7 Day CHG~0.00%
Published-16 Oct, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopn/a
CVE-2013-4485
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-1.99% / 78.26%
||
7 Day CHG~0.00%
Published-23 Nov, 2013 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

389 Directory Server 1.2.11.15 (aka Red Hat Directory Server before 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.
Product-enterprise_linuxdirectory_server389_directory_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4239
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-1.97% / 77.99%
||
7 Day CHG~0.00%
Published-30 Sep, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-libvirtn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2392
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.26% / 80.84%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 14:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2013-1532
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.26% / 80.84%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 12:10
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2013-1555
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.60% / 83.47%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 12:10
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_eusn/a
CVE-2013-2389
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.26% / 80.84%
||
7 Day CHG~0.00%
Published-17 Apr, 2013 | 14:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2013-1416
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4||MEDIUM
EPSS-2.92% / 85.35%
||
7 Day CHG~0.00%
Published-19 Apr, 2013 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request.

Action-Not Available
Vendor-n/aopenSUSEMIT (Massachusetts Institute of Technology)Red Hat, Inc.Fedora Project
Product-enterprise_linux_serverkerberos_5enterprise_linux_workstationenterprise_linux_desktopfedoraenterprise_linux_server_ausenterprise_linux_eusopensusen/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2012-4556
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-1.19% / 64.24%
||
7 Day CHG~0.00%
Published-04 Jan, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 allows remote attackers to cause a denial of service (Apache httpd web server child process restart) via certain unspecified empty search fields in a user certificate search query.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-certificate_systemn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4555
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-1.19% / 64.24%
||
7 Day CHG~0.00%
Published-04 Jan, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The token processing system (pki-tps) in Red Hat Certificate System (RHCS) before 8.1.3 does not properly handle interruptions of token format operations, which allows remote attackers to cause a denial of service (NULL pointer dereference and Apache httpd web server child process crash) via unspecified vectors.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-certificate_systemn/a
CVE-2012-5614
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-13.18% / 95.89%
||
7 Day CHG~0.00%
Published-03 Dec, 2012 | 11:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2020-14336
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.93% / 56.24%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 11:48
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-openshift_container_platformOpenshift
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2012-3150
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.42% / 87.45%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 23:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2012-3173
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.42% / 87.45%
||
7 Day CHG~0.00%
Published-17 Oct, 2012 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2012-3180
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.42% / 87.45%
||
7 Day CHG~0.00%
Published-17 Oct, 2012 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2012-3166
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.03% / 85.88%
||
7 Day CHG~0.00%
Published-17 Oct, 2012 | 00:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopenterprise_linux_eusenterprise_linuxn/a
CVE-2012-2685
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-2.16% / 79.95%
||
7 Day CHG~0.00%
Published-28 Sep, 2012 | 17:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to cause a denial of service (memory consumption) via a large size in an image request.

Action-Not Available
Vendor-trevor_mckayn/aRed Hat, Inc.
Product-enterprise_mrgcuminn/a
CVE-2020-10761
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-1.80% / 75.77%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 12:07
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.

Action-Not Available
Vendor-openSUSEQEMUCanonical Ltd.Red Hat, Inc.
Product-ubuntu_linuxenterprise_linuxqemuleapQEMU:
CWE ID-CWE-617
Reachable Assertion
CVE-2012-1705
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.63% / 83.64%
||
7 Day CHG~0.00%
Published-17 Jan, 2013 | 01:30
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.
Product-ubuntu_linuxenterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2012-1734
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.92% / 89.04%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2012-0540
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-3.70% / 88.40%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2012-0574
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.83% / 84.89%
||
7 Day CHG~0.00%
Published-17 Jan, 2013 | 01:30
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.
Product-ubuntu_linuxenterprise_linux_workstationenterprise_linux_servermariadbmysqlenterprise_linux_desktopenterprise_linux_eusn/a
CVE-2010-3701
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4||MEDIUM
EPSS-1.50% / 71.23%
||
7 Day CHG~0.00%
Published-12 Oct, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to cause a denial of service (stack memory exhaustion and broker crash) via a large persistent message.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-enterprise_mrgn/a
CVE-2019-2689
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-2.02% / 78.60%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.
Product-software_collectionsenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2803
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-2.01% / 78.46%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.
Product-software_collectionsenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2529
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-4.36% / 90.07%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxmariadbenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxstorage_automation_storeenterprise_linux_eusoncommand_workflow_automationenterprise_linux_server_tusoncommand_unified_managerenterprise_linux_desktopmysqlsnapcenterMySQL Server
CVE-2019-2755
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-2.20% / 80.32%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.Fedora Project
Product-software_collectionsenterprise_linux_server_ausfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2780
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-2.12% / 79.61%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Components / Services). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.Fedora Project
Product-software_collectionsenterprise_linux_server_ausfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2694
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-2.10% / 79.43%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.
Product-software_collectionsenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2607
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-2.23% / 80.61%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.Fedora Project
Product-software_collectionsenterprise_linux_server_ausfedoraenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2812
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-2.08% / 79.28%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 22:31
Updated-01 Oct, 2024 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.
Product-software_collectionsenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-2455
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-3.69% / 88.35%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 19:00
Updated-02 Oct, 2024 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxsnapcentermariadbenterprise_linux_server_ausenterprise_linux_workstationactive_iq_unified_managerenterprise_linux_eusoncommand_workflow_automationenterprise_linux_server_tusenterprise_linux_desktopmysqloncommand_insightMySQL Server
CVE-2016-0503
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4||MEDIUM
EPSS-2.80% / 84.74%
||
7 Day CHG~0.00%
Published-21 Jan, 2016 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEOracle CorporationRed Hat, Inc.
Product-ubuntu_linuxmysqlleapenterprise_linuxopensusen/a
CVE-2019-2681
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-2.02% / 78.60%
||
7 Day CHG~0.00%
Published-23 Apr, 2019 | 18:16
Updated-02 Oct, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationRed Hat, Inc.
Product-software_collectionsenterprise_linux_server_ausenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusmysqlMySQL Server
CVE-2019-1002100
Matching Score-8
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
ShareView Details
Matching Score-8
Assigner-7556d962-6fb7-411e-85fa-6cd62f095ba8
CVSS Score-6.5||MEDIUM
EPSS-10.61% / 95.24%
||
7 Day CHG+0.09%
Published-01 Apr, 2019 | 14:14
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.

Action-Not Available
Vendor-Red Hat, Inc.Kubernetes
Product-kubernetesopenshift_container_platformKubernetes
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2019-10153
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-2.17% / 80.08%
||
7 Day CHG~0.00%
Published-30 Jul, 2019 | 22:10
Updated-04 Aug, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.

Action-Not Available
Vendor-clusterlabsClusterLabsRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_workstationfence-agentsenterprise_linuxfence-agents
CWE ID-CWE-172
Encoding Error
CVE-2016-5626
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-6.09% / 92.55%
||
7 Day CHG~0.00%
Published-25 Oct, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS.

Action-Not Available
Vendor-n/aMariaDB FoundationRed Hat, Inc.Oracle Corporation
Product-enterprise_linux_servermariadbmysqlenterprise_linux_server_tusenterprise_linux_server_ausenterprise_linux_eusn/a
CVE-2018-3282
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-3.97% / 89.20%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxmariadboncommand_insightenterprise_linux_workstationactive_iq_unified_manageroncommand_workflow_automationenterprise_linux_desktopmysqlsnapcenterMySQL Server
CVE-2018-2781
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-3.29% / 87.00%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 02:00
Updated-03 Oct, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxmariadboncommand_insightenterprise_linux_server_ausenterprise_linux_workstationopenstackactive_iq_unified_managerenterprise_linux_eusoncommand_workflow_automationenterprise_linux_server_tusenterprise_linux_desktopmysqlsnapcenterMySQL Server
CVE-2018-2819
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-3.17% / 86.46%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 02:00
Updated-03 Oct, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxsnapcenterdebian_linuxmariadbenterprise_linux_server_ausenterprise_linux_workstationopenstackactive_iq_unified_managerenterprise_linux_eusoncommand_workflow_automationenterprise_linux_server_tusenterprise_linux_desktopmysqloncommand_insightMySQL Server
CVE-2018-2817
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-3.17% / 86.46%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 02:00
Updated-03 Oct, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxsnapcenterdebian_linuxmariadbenterprise_linux_server_ausenterprise_linux_workstationopenstackactive_iq_unified_managerenterprise_linux_eusoncommand_workflow_automationenterprise_linux_server_tusenterprise_linux_desktopmysqloncommand_insightMySQL Server
CVE-2018-20699
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.9||MEDIUM
EPSS-2.23% / 80.61%
||
7 Day CHG~0.00%
Published-12 Jan, 2019 | 02:00
Updated-05 Aug, 2024 | 12:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go.

Action-Not Available
Vendor-n/aRed Hat, Inc.Docker, Inc.
Product-enterprise_linux_serverenginen/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-16846
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-2.14% / 79.77%
||
7 Day CHG~0.00%
Published-15 Jan, 2019 | 18:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was found in Ceph versions before 13.2.4 that authenticated ceph RGW users can cause a denial of service against OMAPs holding bucket indices.

Action-Not Available
Vendor-[UNKNOWN]Canonical Ltd.Red Hat, Inc.openSUSEDebian GNU/Linux
Product-ceph_storageubuntu_linuxenterprise_linux_serverdebian_linuxcephleapceph
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2018-16848
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.18% / 63.76%
||
7 Day CHG~0.00%
Published-15 Jun, 2020 | 14:18
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-openstack-mistralopenstack-mistral
CWE ID-CWE-400
Uncontrolled Resource Consumption
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found