CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2020-2760 – mysql: InnoDB unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2760
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html •
CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2020-2779 – mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2779
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC •
CVSS: 4.9EPSS: 0%CPEs: 14EXPL: 0CVE-2020-2765 – mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2765
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC •
CVSS: 4.9EPSS: 0%CPEs: 15EXPL: 0CVE-2020-2763 – mysql: Server: Replication unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2763
15 Apr 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availa... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/77REFDB7DE4WNKQIRGZTF53RFBQOXQLC •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2020-2752 – mysql: C API unspecified vulnerability (CPU Apr 2020)
https://notcve.org/view.php?id=CVE-2020-2752
15 Apr 2020 — Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.3 (Availability impact... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html •
CVSS: 8.0EPSS: 37%CPEs: 63EXPL: 1CVE-2020-5398 – RFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application
https://notcve.org/view.php?id=CVE-2020-5398
16 Jan 2020 — In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. En Spring Framework, versiones 5.2.x anteriores a 5.2.3, versiones 5.1.x anteriores a 5.1.13 y versiones 5.0.x anteriores a 5.0.16, una aplicación es vulnerable a un ataque de tipo reflected file... • https://github.com/motikan2010/CVE-2020-5398 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-494: Download of Code Without Integrity Check •
CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0CVE-2020-2660 – mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2020)
https://notcve.org/view.php?id=CVE-2020-2660
15 Jan 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • https://security.gentoo.org/glsa/202105-27 •
CVSS: 4.9EPSS: 0%CPEs: 10EXPL: 0CVE-2020-2589 – mysql: InnoDB unspecified vulnerability (CPU Jan 2020)
https://notcve.org/view.php?id=CVE-2020-2589
15 Jan 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • https://security.gentoo.org/glsa/202105-27 •
CVSS: 4.4EPSS: 0%CPEs: 10EXPL: 0CVE-2020-2584 – mysql: Server: Options unspecified vulnerability (CPU Jan 2020)
https://notcve.org/view.php?id=CVE-2020-2584
15 Jan 2020 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). • https://security.gentoo.org/glsa/202105-27 •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0CVE-2020-2573 – mysql: C API unspecified vulnerability (CPU Jan 2020)
https://notcve.org/view.php?id=CVE-2020-2573
15 Jan 2020 — Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). • https://security.gentoo.org/glsa/202105-27 • CWE-400: Uncontrolled Resource Consumption •