Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle mysql connectors vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-21090
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL C...
8.3
CVSSv3
CVE-2023-22102
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Conn...
Oracle Mysql Connector\\/j
Netapp Oncommand Insight -
5.3
CVSSv3
CVE-2023-21971
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Con...
Oracle Mysql Connectors
Oracle Communications Cloud Native Core Policy 22.4.0
Oracle Communications Cloud Native Core Policy 23.1.0
Oracle Communications Cloud Native Core Binding Support Function 22.4.0
Oracle Communications Cloud Native Core Binding Support Function 23.1.0
Netapp Snapcenter -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
1 Github repository
8.2
CVSSv3
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could b...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Server
Oracle Mysql Connectors
Oracle Mysql Workbench
Oracle Mysql Cluster
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
2 Github repositories
7.4
CVSSv3
CVE-2021-44531
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, whic...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Workbench
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Cluster
5.3
CVSSv3
CVE-2021-44532
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerabilit...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Workbench
Oracle Mysql Cluster
Debian Debian Linux 11.0
5.3
CVSSv3
CVE-2021-44533
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relativ...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Workbench
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Cluster
Oracle Mysql Cluster 8.0.29
Debian Debian Linux 11.0
6.6
CVSSv3
CVE-2022-21363
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Con...
Oracle Mysql Connectors
Quarkus Quarkus
5.9
CVSSv3
CVE-2021-2471
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Con...
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Mysql Connectors
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Quarkus Quarkus
3 Github repositories
9.8
CVSSv3
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »