CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2018-3247 – mysql: Server: Merge unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3247
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Merge). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, i... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 4.9EPSS: 0%CPEs: 24EXPL: 0CVE-2018-3282 – mysql: Server: Storage Engines unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3282
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 4.4EPSS: 0%CPEs: 13EXPL: 0CVE-2018-3283 – mysql: Server: Logging unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3283
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts)... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 3.1EPSS: 0%CPEs: 30EXPL: 0CVE-2018-3139 – OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902)
https://notcve.org/view.php?id=CVE-2018-3139
17 Oct 2018 — Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized rea... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 8.3EPSS: 2%CPEs: 30EXPL: 0CVE-2018-3149 – OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177)
https://notcve.org/view.php?id=CVE-2018-3149
17 Oct 2018 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-426: Untrusted Search Path •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 0CVE-2018-3251 – mysql: InnoDB unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3251
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability im... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 5.9EPSS: 0%CPEs: 13EXPL: 0CVE-2018-3144 – mysql: Server: Security: Audit unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3144
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.9 (Availability ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 4.9EPSS: 0%CPEs: 13EXPL: 0CVE-2018-3173 – mysql: InnoDB unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3173
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 4.9EPSS: 0%CPEs: 14EXPL: 0CVE-2018-3278 – mysql: Server: RBR unspecified vulnerability (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3278
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availabil... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2018-3174 – mysql: Init script calling kill with root privileges using pid from pidfile owned by mysql user (CPU Oct 2018)
https://notcve.org/view.php?id=CVE-2018-3174
17 Oct 2018 — Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can resu... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •