Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-2531

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-16 Jan, 2019 | 19:00
Updated At-02 Oct, 2024 | 16:03
Rejected At-
Credits

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:16 Jan, 2019 | 19:00
Updated At:02 Oct, 2024 | 16:03
Rejected At:
▼CVE Numbering Authority (CNA)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Affected Products
Vendor
Oracle CorporationOracle Corporation
Product
MySQL Server
Versions
Affected
  • 5.6.42 and prior
  • 5.7.24 and prior
  • 8.0.13 and prior
Problem Types
TypeCWE IDDescription
textN/AEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Type: text
CWE ID: N/A
Description: Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/106619
vdb-entry
x_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
x_refsource_CONFIRM
https://usn.ubuntu.com/3867-1/
vendor-advisory
x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20190118-0002/
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2019:2484
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2511
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/bid/106619
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://usn.ubuntu.com/3867-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://security.netapp.com/advisory/ntap-20190118-0002/
Resource:
x_refsource_CONFIRM
Hyperlink: https://access.redhat.com/errata/RHSA-2019:2484
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2019:2511
Resource:
vendor-advisory
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/106619
vdb-entry
x_refsource_BID
x_transferred
http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
x_refsource_CONFIRM
x_transferred
https://usn.ubuntu.com/3867-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://security.netapp.com/advisory/ntap-20190118-0002/
x_refsource_CONFIRM
x_transferred
https://access.redhat.com/errata/RHSA-2019:2484
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2019:2511
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/106619
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://usn.ubuntu.com/3867-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20190118-0002/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2019:2484
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2019:2511
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:16 Jan, 2019 | 19:30
Updated At:31 Jan, 2023 | 17:39

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.9MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 4.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P
CPE Matches
Oracle Corporation
oracle
>>mysql>>Versions from 5.6.0(inclusive) to 5.6.42(inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>Versions from 5.7.0(inclusive) to 5.7.24(inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>mysql>>Versions from 8.0.0(inclusive) to 8.0.13(inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>oncommand_unified_manager>>Versions from 7.3(inclusive)
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*
NetApp, Inc.
netapp
>>oncommand_unified_manager>>Versions from 9.4(inclusive)
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*
NetApp, Inc.
netapp
>>oncommand_workflow_automation>>-
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>snapcenter>>-
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
NetApp, Inc.
netapp
>>storage_automation_store>>-
cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>18.04
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>18.10
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>software_collections>>1.0
cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux>>8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>8.1
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>8.2
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>8.4
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_eus>>8.6
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>8.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>8.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_aus>>8.6
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_tus>>8.2
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_tus>>8.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server_tus>>8.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlsecalert_us@oracle.com
Patch
Vendor Advisory
http://www.securityfocus.com/bid/106619secalert_us@oracle.com
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2019:2484secalert_us@oracle.com
Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2511secalert_us@oracle.com
Third Party Advisory
https://security.netapp.com/advisory/ntap-20190118-0002/secalert_us@oracle.com
Third Party Advisory
https://usn.ubuntu.com/3867-1/secalert_us@oracle.com
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Source: secalert_us@oracle.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/106619
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://access.redhat.com/errata/RHSA-2019:2484
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2019:2511
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20190118-0002/
Source: secalert_us@oracle.com
Resource:
Third Party Advisory
Hyperlink: https://usn.ubuntu.com/3867-1/
Source: secalert_us@oracle.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1000Records found
CVE-2018-3030
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.91% / 74.89%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle FLEXCUBE Investor Servicing. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-flexcube_investor_servicingFLEXCUBE Investor Servicing
CVE-2018-3080
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-1.14% / 77.59%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightstorage_automation_storeoncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2024-21054
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.15% / 36.13%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:26
Updated-13 Feb, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-MySQL Servermysql_server
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2021-2425
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-25 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2018-3145
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 62.21%
||
7 Day CHG+0.17%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-n/aNetApp, Inc.Oracle Corporation
Product-snapcenterstorage_automation_storeoncommand_workflow_automationoncommand_unified_managermysqloncommand_insightn/a
CVE-2021-2410
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-26 Sep, 2024 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2018-3269
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.3||MEDIUM
EPSS-0.60% / 68.60%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SMB Server). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Solaris. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-solarisSolaris Operating System
CVE-2021-2339
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.35% / 56.94%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-mysqlfedoraoncommand_insightMySQL Server
CVE-2021-2357
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.44% / 62.26%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-mysqlfedoraoncommand_insightMySQL Server
CVE-2021-2370
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.44% / 62.26%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-fedoramysql_serveroncommand_insightMySQL Server
CVE-2021-2340
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-2.7||LOW
EPSS-0.27% / 49.91%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-oncommand_insightfedoraoncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2018-3161
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.31% / 53.47%
||
7 Day CHG-0.17%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysqlMySQL Server
CVE-2018-3278
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.16% / 37.33%
||
7 Day CHG+0.07%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Microsoft CorporationNetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxoncommand_insightstorage_automation_storewindowsoncommand_workflow_automationoncommand_unified_managermysqlsnapcenterMySQL Server
CVE-2018-3137
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.44% / 62.21%
||
7 Day CHG+0.06%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Microsoft CorporationNetApp, Inc.Oracle Corporation
Product-snapcenterstorage_automation_storewindowsoncommand_workflow_automationoncommand_unified_managermysqloncommand_insightMySQL Server
CVE-2018-3186
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.34% / 55.88%
||
7 Day CHG+0.04%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Microsoft CorporationNetApp, Inc.Oracle Corporation
Product-oncommand_insightwindowsoncommand_workflow_automationoncommand_unified_managermysqlsnapcenterMySQL Server
CVE-2018-3063
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Oracle CorporationCanonical Ltd.
Product-ubuntu_linuxsnapcenterdebian_linuxmariadboncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2021-2342
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.44% / 62.26%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-oncommand_insightfedoraoncommand_workflow_automationmysql_serversnapcenterMySQL Server
CVE-2021-2437
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-25 Sep, 2024 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2018-3162
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.18% / 40.03%
||
7 Day CHG-0.00%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationNetApp, Inc.Oracle CorporationCanonical Ltd.
Product-ubuntu_linuxsnapcentermariadbactive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2021-2387
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-26 Sep, 2024 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2021-2426
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.31% / 53.68%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-25 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2021-2367
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.44% / 62.26%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-fedoramysql_serveroncommand_insightMySQL Server
CVE-2021-2330
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 53.96%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Core RDBMS component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows low privileged attacker having Create Table privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Core RDBMS. CVSS 3.1 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Action-Not Available
Vendor-Oracle Corporation
Product-core_rdbmsDatabase - Enterprise Edition
CVE-2021-2424
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-25 Sep, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2021-2416
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.21% / 43.93%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 10:49
Updated-25 Sep, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Session Border Controller. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Communications Session Border Controller. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-communications_session_border_controllerCommunications Session Border Controller
CVE-2018-3279
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.34% / 55.88%
||
7 Day CHG+0.04%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Microsoft CorporationNetApp, Inc.Oracle Corporation
Product-snapcenterstorage_automation_storewindowsoncommand_workflow_automationoncommand_unified_managermysqloncommand_insightMySQL Server
CVE-2021-2352
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.35% / 56.94%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:43
Updated-26 Sep, 2024 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle CorporationFedora Project
Product-mysqlfedoraoncommand_insightMySQL Server
CVE-2018-3200
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.19% / 41.13%
||
7 Day CHG-0.02%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationNetApp, Inc.Oracle CorporationCanonical Ltd.
Product-ubuntu_linuxsnapcentermariadbactive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2018-3070
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-1.13% / 77.44%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Debian GNU/LinuxNetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenterdebian_linuxstorage_automation_storeoncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2018-3282
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.12% / 31.71%
||
7 Day CHG+0.04%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationDebian GNU/LinuxNetApp, Inc.Red Hat, Inc.Oracle CorporationCanonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxmariadboncommand_insightenterprise_linux_workstationactive_iq_unified_manageroncommand_workflow_automationenterprise_linux_desktopmysqlsnapcenterMySQL Server
CVE-2021-2441
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-20 Jul, 2021 | 22:44
Updated-25 Sep, 2024 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysql_serveroncommand_insightMySQL Server
CVE-2018-3173
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.19% / 41.13%
||
7 Day CHG-0.02%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-MariaDB FoundationNetApp, Inc.Oracle CorporationCanonical Ltd.
Product-ubuntu_linuxsnapcentermariadbactive_iq_unified_manageroncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2021-2305
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:54
Updated-26 Sep, 2024 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightactive_iq_unified_manageroncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2021-2212
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.52% / 65.93%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightactive_iq_unified_manageroncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2021-2278
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.52% / 65.93%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightactive_iq_unified_manageroncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2024-20970
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.25% / 48.44%
||
7 Day CHG~0.00%
Published-17 Feb, 2024 | 01:50
Updated-06 Dec, 2024 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CVE-2021-2217
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.52% / 65.93%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightactive_iq_unified_manageroncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2024-20965
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.40% / 60.14%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 21:41
Updated-20 Jun, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle CorporationNetApp, Inc.
Product-mysqloncommand_insightMySQL NDB ClusterMySQL Server
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-20966
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.22% / 45.00%
||
7 Day CHG~0.00%
Published-17 Feb, 2024 | 01:50
Updated-09 Apr, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-mysql_serverMySQL Server
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-3073
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-0.36% / 57.70%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightstorage_automation_storeoncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2021-2213
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.52% / 65.93%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightactive_iq_unified_manageroncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2021-2215
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.52% / 65.93%
||
7 Day CHG~0.00%
Published-22 Apr, 2021 | 21:53
Updated-26 Sep, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightactive_iq_unified_manageroncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2018-3075
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.29% / 51.86%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightstorage_automation_storeoncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2018-3276
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.16% / 37.80%
||
7 Day CHG+0.07%
Published-17 Oct, 2018 | 01:00
Updated-02 Oct, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-Microsoft CorporationNetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxoncommand_insightstorage_automation_storewindowsoncommand_workflow_automationoncommand_unified_managermysqlsnapcenterMySQL Server
CVE-2018-3079
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.29% / 51.86%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-oncommand_insightstorage_automation_storeoncommand_workflow_automationmysqlsnapcenterMySQL Server
CVE-2018-3077
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.47% / 63.79%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenterstorage_automation_storeoncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2022-21605
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.11% / 29.50%
||
7 Day CHG~0.00%
Published-18 Oct, 2022 | 00:00
Updated-24 Sep, 2024 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Oracle Corporation
Product-mysqloncommand_workflow_automationoncommand_insightMySQL Server
CVE-2018-3054
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.47% / 63.79%
||
7 Day CHG~0.00%
Published-18 Jul, 2018 | 13:00
Updated-02 Oct, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-NetApp, Inc.Canonical Ltd.Oracle Corporation
Product-ubuntu_linuxsnapcenterstorage_automation_storeoncommand_workflow_automationmysqloncommand_insightMySQL Server
CVE-2024-21057
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-4.9||MEDIUM
EPSS-0.19% / 40.94%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:26
Updated-01 Aug, 2024 | 22:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Action-Not Available
Vendor-mysqlOracle Corporation
Product-MySQL Servermysql
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-22144
Matching Score-8
Assigner-Elastic
ShareView Details
Matching Score-8
Assigner-Elastic
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 52.79%
||
7 Day CHG~0.00%
Published-26 Jul, 2021 | 11:48
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

Action-Not Available
Vendor-n/aOracle CorporationElasticsearch BV
Product-communications_cloud_native_core_automated_test_suiteelasticsearchn/a
CWE ID-CWE-674
Uncontrolled Recursion
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 19
  • 20
  • Next
Details not found