Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle mysql vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2018-2585
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocol...
Oracle Mysql Connector\\/net
686
VMScore
CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Vmware Spring Cloud Function
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Banking Cash Management 14.5
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.5
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Supply Chain Finance 14.5
Oracle Sd-wan Edge 9.1
Oracle Banking Liquidity Management 14.5
Oracle Banking Liquidity Management 14.2
Oracle Banking Virtual Account Management 14.5
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Mysql Enterprise Monitor
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Communications Policy Management 12.6.0.0.0
61 Github repositories
3 Articles
686
VMScore
CVE-2020-14878
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attache...
Oracle Mysql
685
VMScore
CVE-2009-5026
The executable comment feature in MySQL 5.0.x prior to 5.0.93 and 5.1.x prior to 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote malicious users to execute arbitrary SQL commands via custom comments...
Mysql Mysql 5.0.2
Mysql Mysql 5.0.20
Oracle Mysql 5.0.81
Mysql Mysql 5.0.16
Oracle Mysql 5.0.23
Mysql Mysql 5.0.0
Mysql Mysql 5.0.1
Mysql Mysql 5.0.10
Mysql Mysql 5.0.3
Mysql Mysql 5.0.17
Oracle Mysql 5.0.45
Mysql Mysql 5.0.45
Mysql Mysql 5.0.84
Oracle Mysql 5.0.85
Oracle Mysql 5.0.92
Mysql Mysql 5.0.15
Mysql Mysql 5.0.5
Mysql Mysql 5.0.4
Mysql Mysql 5.0.24
Oracle Mysql 5.0.51
Oracle Mysql 5.0.67
Oracle Mysql 5.0.86
1 EDB exploit
684
VMScore
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
54 Github repositories
1 Article
677
VMScore
CVE-2020-5398
In Spring Framework, versions 5.2.x before 5.2.3, versions 5.1.x before 5.1.13, and versions 5.0.x before 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attrib...
Vmware Spring Framework
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Retail Assortment Planning 15.0
Oracle Retail Point-of-service 14.1
Oracle Retail Predictive Application Server 15.0.3
Oracle Retail Assortment Planning 16.0
Oracle Retail Financial Integration 15.0
Oracle Retail Financial Integration 16.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Mysql
2 Github repositories
672
VMScore
CVE-2020-17530
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
Apache Struts
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Hospitality Opera 5 5.6
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Mysql Enterprise Monitor 8.0.23
Oracle Communications Diameter Intelligence Hub 8.2.3
Oracle Communications Diameter Intelligence Hub 8.0.0
Oracle Communications Diameter Intelligence Hub 8.2.0
Oracle Communications Diameter Intelligence Hub 8.1.0
18 Github repositories
1 Article
672
VMScore
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
18 Github repositories
1 Article
670
VMScore
CVE-2019-0230
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Mysql Enterprise Monitor
10 Github repositories
1 Article
668
VMScore
CVE-2022-32081
MariaDB v10.4 to v10.7 exists to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
Mariadb Mariadb
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »