CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-21380 – Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-21380
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. • https://security.netapp.com/advisory/ntap-20220121-0008 https://www.oracle.com/security-alerts/cpujan2022.html https://www.zerodayinitiative.com/advisories/ZDI-22-127 •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21379 – mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Jan 2022)
https://notcve.org/view.php?id=CVE-2022-21379
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20220121-0008 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2022-21379 https://bugzilla.redhat.com/show_bug.cgi?id=2043648 •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-35639 – mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35639
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20211022-0003 https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-35639 https://bugzilla.redhat.com/show_bug.cgi?id=2016128 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2021-35604 – mysql: InnoDB unspecified vulnerability (CPU Oct 2021)
https://notcve.org/view.php?id=CVE-2021-35604
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UTW5KMPPDKIMGB4ULE2HS22HYLVKYIH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MLAXYFLUDC636S46X34USCLDZAOFBM2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRCU3RTIPVKPC3GMC76YW7DJEXUEY6FG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGR5ZTB5QEDRRC6G5U6TFNCIVBBKGS5J https://lists.fedoraproject.org/archives/list/package-announce%40li •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-35583
https://notcve.org/view.php?id=CVE-2021-35583
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Windows). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts). • https://security.netapp.com/advisory/ntap-20211022-0003 https://www.oracle.com/security-alerts/cpuoct2021.html •