CVE-2024-21061 – mysql: Server: Audit Plug-in unspecified vulnerability (CPU Apr 2024)
https://notcve.org/view.php?id=CVE-2024-21061
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20240426-0014 https://www.oracle.com/security-alerts/cpuapr2024.html https://access.redhat.com/security/cve/CVE-2024-21061 https://bugzilla.redhat.com/show_bug.cgi?id=2275448 •
CVE-2024-21060
https://notcve.org/view.php?id=CVE-2024-21060
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20240426-0013 https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-21054
https://notcve.org/view.php?id=CVE-2024-21054
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20240426-0013 https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-121: Stack-based Buffer Overflow •
CVE-2024-21047
https://notcve.org/view.php?id=CVE-2024-21047
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20240426-0013 https://www.oracle.com/security-alerts/cpuapr2024.html •
CVE-2024-21015 – mysql: Server: DML unspecified vulnerability (CPU Apr 2024)
https://notcve.org/view.php?id=CVE-2024-21015
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). • https://security.netapp.com/advisory/ntap-20240426-0010 https://www.oracle.com/security-alerts/cpuapr2024.html https://access.redhat.com/security/cve/CVE-2024-21015 https://bugzilla.redhat.com/show_bug.cgi?id=2275435 •