CVSS: 10.0EPSS: 0%CPEs: 19EXPL: 0CVE-2024-20918 – OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)
https://notcve.org/view.php?id=CVE-2024-20918
16 Jan 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, O... • https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html • CWE-284: Improper Access Control CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22115 – mysql: Server: DML unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22115
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-22114 – mysql: InnoDB unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22114
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22113 – mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22113
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 • CWE-125: Out-of-bounds Read •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22112 – mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22112
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22111 – mysql: Server: UDF unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22111
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22110 – mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22110
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22104 – mysql: InnoDB unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22104
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-22103 – mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22103
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22102
https://notcve.org/view.php?id=CVE-2023-22102
17 Oct 2023 — Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks o... • https://security.netapp.com/advisory/ntap-20231027-0007 • CWE-284: Improper Access Control •