CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-22033 – mysql: InnoDB unspecified vulnerability (CPU Jul 2023)
https://notcve.org/view.php?id=CVE-2023-22033
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN https://security.netapp.com/advisory/ntap-20230725-0005 https://www.oracle.com/security-alerts/cpujul2023.html https://access.redhat.com/security/cve/CVE-2023-22033 https:&#x •
CVSS: 4.9EPSS: 0%CPEs: 9EXPL: 0CVE-2023-22008 – mysql: InnoDB unspecified vulnerability (CPU Jul 2023)
https://notcve.org/view.php?id=CVE-2023-22008
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN https://security.netapp.com/advisory/ntap-20230725-0005 https://www.oracle.com/security-alerts/cpujul2023.html https://access.redhat.com/security/cve/CVE-2023-22008 https:&#x •
CVSS: 3.1EPSS: 0%CPEs: 20EXPL: 0CVE-2023-22006 – OpenJDK: HTTP client insufficient file name validation (8302475)
https://notcve.org/view.php?id=CVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. • https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html https://security.netapp.com/advisory/ntap-20230725-0006 https://www.debian.org/security/2023/dsa-5458 https://www.debian.org/security/2023/dsa-5478 https://www.oracle.com/security-alerts/cpujul2023.html https://access.redhat.com/security/cve/CVE-2023-22006 https://bugzilla.redhat.com/show_bug.cgi?id=2221626 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-22005 – mysql: Server: Replication unspecified vulnerability (CPU Jul 2023)
https://notcve.org/view.php?id=CVE-2023-22005
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN https://security.netapp.com/advisory/ntap-20230725-0005 https://www.oracle.com/security-alerts/cpujul2023.html https://access.redhat.com/security/cve/CVE-2023-22005 https:&#x •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0CVE-2023-21971
https://notcve.org/view.php?id=CVE-2023-21971
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized read access to a subset of MySQL Connectors accessible data. • https://security.netapp.com/advisory/ntap-20230427-0007 https://security.netapp.com/advisory/ntap-20230427-0010 https://www.oracle.com/security-alerts/cpuapr2023.html https://www.oracle.com/security-alerts/cpujul2023.html •