CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21500 – mysql: Optimizer unspecified vulnerability (CPU Jan 2025)
https://notcve.org/view.php?id=CVE-2025-21500
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availabilit... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21499
https://notcve.org/view.php?id=CVE-2025-21499
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21498
https://notcve.org/view.php?id=CVE-2025-21498
21 Jan 2025 — Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21497 – mysql: InnoDB unspecified vulnerability (CPU Jan 2025)
https://notcve.org/view.php?id=CVE-2025-21497
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delet... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-346: Origin Validation Error •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21495
https://notcve.org/view.php?id=CVE-2025-21495
21 Jan 2025 — Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL (component: Firewall). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Firewall. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Enterprise Firewall. CVS... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21494 – mysql: Privileges unspecified vulnerability (CPU Jan 2025)
https://notcve.org/view.php?id=CVE-2025-21494
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21493
https://notcve.org/view.php?id=CVE-2025-21493
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.4.3 and prior and 9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability im... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-21492
https://notcve.org/view.php?id=CVE-2025-21492
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21491 – mysql: MySQL Server InnoDB Denial of Service and Unauthorized Data Modification Vulnerability
https://notcve.org/view.php?id=CVE-2025-21491
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts)... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-404: Improper Resource Shutdown or Release CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21490 – mysql: High Privilege Denial of Service Vulnerability in MySQL Server
https://notcve.org/view.php?id=CVE-2025-21490
21 Jan 2025 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts)... • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-404: Improper Resource Shutdown or Release CWE-770: Allocation of Resources Without Limits or Throttling •