CVSS: 4.3EPSS: 0%CPEs: 60EXPL: 2CVE-2021-22924 – curl: Bad connection reuse due to flawed path name checks
https://notcve.org/view.php?id=CVE-2021-22924
22 Jul 2021 — libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' whic... • https://github.com/Trinadh465/external_curl_AOSP10_r33_CVE-2021-22924 • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2444 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2444
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2441 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2441
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2440 – mysql: Server: DML unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2440
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2437 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2437
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 8.1EPSS: 3%CPEs: 2EXPL: 0CVE-2021-2429 – MySQL InnoDB Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-2429
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2427 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2427
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2426 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2426
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2425 – mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2425
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2424 – mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2424
20 Jul 2021 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20210723-0001 •