CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2533 – mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2533
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2019-2534 – mysql: Server: Replication unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2534
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, ins... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.1EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2535 – mysql: Server: Options unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2535
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.1 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2536 – mysql: Server: Packaging unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2536
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attack... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.9EPSS: 0%CPEs: 26EXPL: 0CVE-2019-2537 – mysql: Server: DDL unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2537
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availabil... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.9EPSS: 0%CPEs: 18EXPL: 0CVE-2019-2539 – mysql: Server: Connection unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2539
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.9EPSS: 0%CPEs: 24EXPL: 0CVE-2019-2481 – mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2019)
https://notcve.org/view.php?id=CVE-2019-2481
16 Jan 2019 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Ava... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 5.9EPSS: 3%CPEs: 17EXPL: 0CVE-2019-2449 – Oracle Java jnlp Protocol Directory Traversal Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2019-2449
16 Jan 2019 — Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 9.8EPSS: 4%CPEs: 25EXPL: 0CVE-2018-19361 – jackson-databind: improper polymorphic deserialization in openjpa class
https://notcve.org/view.php?id=CVE-2018-19361
02 Jan 2019 — FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. Las versiones 2.x de FasterXML jackson-databind anteriores a la 2.9.8 podrían permitir a los atacantes remotos tener un impacto no especificado aprovechando un fallo para bloquear la clase openjpa de deserialización polimórfica. A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious... • http://www.securityfocus.com/bid/107985 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 6%CPEs: 24EXPL: 0CVE-2018-19362 – jackson-databind: improper polymorphic deserialization in jboss-common-core class
https://notcve.org/view.php?id=CVE-2018-19362
02 Jan 2019 — FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. Las versiones 2.x de FasterXML jackson-databind anteriores a la 2.9.8 podrían permitir a los atacantes remotos tener un impacto no especificado aprovechando un fallo para bloquear la clase jboss-common-core de deserialización polimórfica. A flaw was discovered in jackson-databind, where it would permit polymorphic deserializ... • http://www.securityfocus.com/bid/107985 • CWE-502: Deserialization of Untrusted Data •