CVE-2024-21177
https://notcve.org/view.php?id=CVE-2024-21177
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •
CVE-2023-21860
https://notcve.org/view.php?id=CVE-2023-21860
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal Operations). Supported versions that are affected are 7.4.38 and prior, 7.5.28 and prior, 7.6.24 and prior and 8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. • https://www.oracle.com/security-alerts/cpujan2023.html • CWE-284: Improper Access Control •
CVE-2022-21550 – Oracle MySQL Cluster Data Node Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-21550
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. • https://security.netapp.com/advisory/ntap-20220729-0004 https://www.oracle.com/security-alerts/cpujul2022.html •
CVE-2022-21519
https://notcve.org/view.php?id=CVE-2022-21519
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.1 Base Score 5.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220729-0004 https://www.oracle.com/security-alerts/cpujul2022.html •
CVE-2022-21490 – Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-21490
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. • https://security.netapp.com/advisory/ntap-20220429-0005 https://www.oracle.com/security-alerts/cpuapr2022.html •