CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21134
https://notcve.org/view.php?id=CVE-2024-21134
16 Jul 2024 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 4.3 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21133
https://notcve.org/view.php?id=CVE-2024-21133
16 Jul 2024 — Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Servlet). Supported versions that are affected are 12.2.1.4.0 and 12.2.1.19.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products (scope ch... • https://www.oracle.com/security-alerts/cpujul2024.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21132
https://notcve.org/view.php?id=CVE-2024-21132
16 Jul 2024 — Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite (component: Approvals). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Purchasing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Purchasing, attacks may significantly impact additional products (scope change). Successful attacks of this... • https://www.oracle.com/security-alerts/cpujul2024.html • CWE-284: Improper Access Control •
CVSS: 3.7EPSS: 0%CPEs: 35EXPL: 0CVE-2024-21131 – OpenJDK: potential UTF8 size overflow (8314794)
https://notcve.org/view.php?id=CVE-2024-21131
16 Jul 2024 — Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM... • https://security.netapp.com/advisory/ntap-20240719-0008 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21130 – Ubuntu Security Notice USN-6934-1
https://notcve.org/view.php?id=CVE-2024-21130
16 Jul 2024 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21129
https://notcve.org/view.php?id=CVE-2024-21129
16 Jul 2024 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21128
https://notcve.org/view.php?id=CVE-2024-21128
16 Jul 2024 — Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: APIs). Supported versions that are affected are 12.2.6-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Application Object Library, attacks may significantly impact additional products... • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21127
https://notcve.org/view.php?id=CVE-2024-21127
16 Jul 2024 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21126
https://notcve.org/view.php?id=CVE-2024-21126
16 Jul 2024 — Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.23 and 21.3-21.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via DNS to compromise Oracle Database Portable Clusterware. While the vulnerability is in Oracle Database Portable Clusterware, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized... • https://www.oracle.com/security-alerts/cpujul2024.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21125
https://notcve.org/view.php?id=CVE-2024-21125
16 Jul 2024 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujul2024.html •