CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-1259 – undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629)
https://notcve.org/view.php?id=CVE-2022-1259
27 Jul 2022 — A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629. Se ha encontrado un fallo en Undertow. Un posible problema de seguridad en la administración del control de flujo por parte del navegador sobre HTTP/2 puede causar una sobrecarga o una denegación de servicio en el servidor. • https://access.redhat.com/security/cve/CVE-2022-1259 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 4%CPEs: 14EXPL: 2CVE-2022-36946 – kernel: DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c
https://notcve.org/view.php?id=CVE-2022-36946
27 Jul 2022 — nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. La función nfqnl_mangle en el archivo net/netfilter/nfnetlink_queue.c en el kernel de Linux versiones hasta 5.18.14, permite a atacantes remotos causar una denegación de servicio (pánico) porque, en el caso de un veredicto nf_queue con ... • https://github.com/Pwnzer0tt1/CVE-2022-36946 •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21569 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21569
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21556 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21556
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatabl... • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21553 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21553
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 9.8EPSS: 27%CPEs: 9EXPL: 0CVE-2022-21550 – Oracle MySQL Cluster Data Node Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-21550
19 Jul 2022 — Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful att... • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21547 – mysql: Server: Federated unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21547
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21539 – mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21539
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ... • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 3.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21538 – mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21538
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 3.1 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-21537 – mysql: InnoDB unspecified vulnerability (CPU Jul 2022)
https://notcve.org/view.php?id=CVE-2022-21537
19 Jul 2022 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CESCYUGY6H6O2R2GPUJLBTYSMY2PHCD •