CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2018-2839 – mysql: Server: DML unspecified vulnerability (CPU Apr 2018)
https://notcve.org/view.php?id=CVE-2018-2839
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103845 http://www.securitytracker.com/id/1040698 https://access.redhat.com/errata/RHSA-2018:3655 https://security.netapp.com/advisory/ntap-20180419-0002 https://usn.ubuntu.com/3629-1 https://usn.ubuntu.com/3629-3 https://access.redhat.com/security/cve/CVE-2018-2839 https://bugzilla.redhat.com/show_bug.cgi?id=1568957 •
CVSS: 5.9EPSS: 0%CPEs: 31EXPL: 0CVE-2018-2761 – mysql: Client programs unspecified vulnerability (CPU Apr 2018)
https://notcve.org/view.php?id=CVE-2018-2761
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103820 http://www.securitytracker.com/id/1040698 https://access.redhat.com/errata/RHSA-2018:1254 https://access.redhat.com/errata/RHSA-2018:2439 https://access.redhat.com/errata/RHSA-2018:2729 https://access.redhat.com/errata/RHSA-2018:3655 https://access.redhat.com/errata/RHSA-2019:1258 https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html https://lists. •
CVSS: 4.9EPSS: 0%CPEs: 11EXPL: 0CVE-2018-2810 – mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
https://notcve.org/view.php?id=CVE-2018-2810
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103783 http://www.securitytracker.com/id/1040698 https://access.redhat.com/errata/RHSA-2018:3655 https://access.redhat.com/errata/RHSA-2019:1258 https://security.gentoo.org/glsa/201908-24 https://security.netapp.com/advisory/ntap-20180419-0002 https://usn.ubuntu.com/3629-1 https://usn.ubuntu.com/3629-3 https://access.redhat.com/security/cve/CVE-2018-2810 https:/&# •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15519
https://notcve.org/view.php?id=CVE-2017-15519
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation. Desde la versión 2.0 a la 3.0.1 de SnapCenter, atacantes remotos no autenticados pueden ver y modificar copias de seguridad relacionadas con el plug-in para NAS File Services. Se recomienda encarecidamente que los usuarios empleen la versión 3.0.1 y realicen los pasos de mitigación o actualicen a la versión 4-0 siguiendo las instrucciones del producto. • https://security.netapp.com/advisory/ntap-20180306-0001 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 30EXPL: 0CVE-2018-2622 – mysql: Server: DDL unspecified vulnerability (CPU Jan 2018)
https://notcve.org/view.php?id=CVE-2018-2622
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102706 http://www.securitytracker.com/id/1040216 https://access.redhat.com/errata/RHSA-2018:0586 https://access.redhat.com/errata/RHSA-2018:0587 https://access.redhat.com/errata/RHSA-2018:2439 https://access.redhat.com/errata/RHSA-2018:2729 https://access.redhat.com/errata/RHSA-2019:1258 https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html https://lists. •