CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-22570 – Nullptr Dereference in Protobuf
https://notcve.org/view.php?id=CVE-2021-22570
Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater. Una desreferencia de puntero Null cuando un char nulo está presente en un símbolo proto. • https://github.com/protocolbuffers/protobuf/releases/tag/v3.15.0 https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DVUZPALAQ34TQP6KFNLM4IZS6B32XSA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BTRGBRC5KGCA4SK5MUNLPYJRAGXMBIYY https://lists.fedoraproject.org/archi • CWE-476: NULL Pointer Dereference •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2022-21339 – mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2022)
https://notcve.org/view.php?id=CVE-2022-21339
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2XBX2PNTBLJNK5G7EP7LIDPFTPDIHPW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6OB7IPXBSJRAGCA4P47EVGC76VS2DS4 https://security.netapp.com/advisory/ntap-20220121-0008 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2022-21339 https://bugzilla.redhat.com/show_bug.cgi?id=2043634 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21322 – Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-21322
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. • https://security.netapp.com/advisory/ntap-20220121-0008 https://www.oracle.com/security-alerts/cpujan2022.html https://www.zerodayinitiative.com/advisories/ZDI-22-107 •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2022-21304 – mysql: Server: Parser unspecified vulnerability (CPU Jan 2022)
https://notcve.org/view.php?id=CVE-2022-21304
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2XBX2PNTBLJNK5G7EP7LIDPFTPDIHPW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6OB7IPXBSJRAGCA4P47EVGC76VS2DS4 https://security.netapp.com/advisory/ntap-20220121-0008 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2022-21304 https://bugzilla.redhat.com/show_bug.cgi?id=2043633 •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2022-21303 – mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2022)
https://notcve.org/view.php?id=CVE-2022-21303
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.7.36 and prior and 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D2XBX2PNTBLJNK5G7EP7LIDPFTPDIHPW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6OB7IPXBSJRAGCA4P47EVGC76VS2DS4 https://security.netapp.com/advisory/ntap-20220121-0008 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2022-21303 https://bugzilla.redhat.com/show_bug.cgi?id=2043632 •