cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21272,https://securityvulnerability.io/vulnerability/CVE-2024-21272,Vulnerability in MySQL Connectors Could Lead to Takeover,"A vulnerability exists in the MySQL Connectors product of Oracle MySQL, specifically affecting Connector/Python. All supported versions up to and including 9.0.0 are susceptible. The vulnerability poses a risk as it allows a low-privileged attacker with network access to exploit the MySQL Connectors through multiple protocols. Successful exploitation can lead to a compromise of the MySQL Connectors, potentially enabling an unauthorized takeover. This issue highlights the importance of maintaining robust security practices for configurations and access controls within MySQL environments.",Oracle,Mysql Connectors,7.5,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-10-15T19:52:58.536Z,0
CVE-2024-21262,https://securityvulnerability.io/vulnerability/CVE-2024-21262,Unauthorized Access to MySQL Connectors Data and Partial Denial of Service Vulnerability,"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC).  Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).",Oracle,Mysql Connectors,6.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-10-15T19:52:54.911Z,0
CVE-2024-21170,https://securityvulnerability.io/vulnerability/CVE-2024-21170,Vulnerability in Oracle MySQL Connectors Could Allow for Unauthorized Access to Data,"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python).  Supported versions that are affected are 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).",Oracle,Mysql Connectors,6.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2023-22102,https://securityvulnerability.io/vulnerability/CVE-2023-22102,Vulnerability in MySQL Connectors (Oracle) - Unauthenticated Access Risk,"A vulnerability in Oracle MySQL Connectors (specifically the Connector/J component) allows an unauthenticated attacker with network access through multiple protocols to potentially compromise the software. Affected versions include 8.1.0 and earlier. Exploitation of this vulnerability necessitates human interaction from someone other than the attacker, making it challenging to exploit in a straightforward manner. Nevertheless, successful attacks could lead to significant repercussions for other connected products. It is vital for users of MySQL Connectors to be aware of this risk and apply necessary mitigations.",Oracle,MySQL Connectors,8.3,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2023-10-17T22:15:00.000Z,0
CVE-2023-21971,https://securityvulnerability.io/vulnerability/CVE-2023-21971,,"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).  Supported versions that are affected are 8.0.32 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors as well as  unauthorized update, insert or delete access to some of MySQL Connectors accessible data and  unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H).",Oracle,Mysql Connectors,5.3,MEDIUM,0.0004600000102072954,false,false,false,true,true,false,false,2023-04-18T20:15:00.000Z,0
CVE-2022-21363,https://securityvulnerability.io/vulnerability/CVE-2022-21363,,"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,Mysql Connectors,6.6,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-01-19T11:25:44.000Z,0
CVE-2021-2471,https://securityvulnerability.io/vulnerability/CVE-2021-2471,,Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H).,Oracle,Mysql Connectors,5.9,MEDIUM,0.0006300000241026282,false,false,false,true,true,false,false,2021-10-20T10:49:38.000Z,0
CVE-2020-2933,https://securityvulnerability.io/vulnerability/CVE-2020-2933,,Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).,Oracle,Mysql Connectors,2.2,LOW,0.001970000099390745,false,false,false,false,,false,false,2020-04-15T13:29:53.000Z,0
CVE-2020-2875,https://securityvulnerability.io/vulnerability/CVE-2020-2875,,"Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Mysql Connectors,4.7,MEDIUM,0.0030400000978261232,false,false,false,false,,false,false,2020-04-15T13:29:50.000Z,0
CVE-2019-2920,https://securityvulnerability.io/vulnerability/CVE-2019-2920,,Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).,Oracle,Mysql Connectors,5.3,MEDIUM,0.0007600000244565308,false,false,false,false,,false,false,2019-10-16T17:40:54.000Z,0
CVE-2019-2692,https://securityvulnerability.io/vulnerability/CVE-2019-2692,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Connectors,6.3,MEDIUM,0.0006399999838322401,false,false,false,false,,false,false,2019-04-23T18:16:44.000Z,0
CVE-2019-2435,https://securityvulnerability.io/vulnerability/CVE-2019-2435,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N).",Oracle,Mysql Connectors,8.1,HIGH,0.004220000002533197,false,false,false,false,,false,false,2019-01-16T19:00:00.000Z,0
CVE-2018-3258,https://securityvulnerability.io/vulnerability/CVE-2018-3258,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).",Oracle,Mysql Connectors,8.8,HIGH,0.00203000009059906,false,false,false,false,,false,false,2018-10-17T01:00:00.000Z,0
CVE-2018-2585,https://securityvulnerability.io/vulnerability/CVE-2018-2585,,Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Supported versions that are affected are 6.9.9 and prior and 6.10.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).,Oracle,Mysql Connectors,7.5,HIGH,0.0016400000313296914,false,false,false,false,,false,false,2018-01-18T02:00:00.000Z,0
CVE-2017-10203,https://securityvulnerability.io/vulnerability/CVE-2017-10203,,Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).,Oracle,Mysql Connectors,5.3,MEDIUM,0.0014100000262260437,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2017-10277,https://securityvulnerability.io/vulnerability/CVE-2017-10277,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).",Oracle,Mysql Connectors,5.4,MEDIUM,0.0018599999602884054,false,false,false,false,,false,false,2017-10-19T17:00:00.000Z,0
CVE-2017-3523,https://securityvulnerability.io/vulnerability/CVE-2017-3523,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.40 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).",Oracle,Mysql Connectors,8.5,HIGH,0.00139999995008111,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3586,https://securityvulnerability.io/vulnerability/CVE-2017-3586,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N).",Oracle,Mysql Connectors,6.4,MEDIUM,0.004900000058114529,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3590,https://securityvulnerability.io/vulnerability/CVE-2017-3590,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data. CVSS 3.0 Base Score 3.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",Oracle,Mysql Connectors,3.3,LOW,0.0005200000014156103,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2017-3589,https://securityvulnerability.io/vulnerability/CVE-2017-3589,,"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily ""exploitable"" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data. CVSS 3.0 Base Score 3.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",Oracle,Mysql Connectors,3.3,LOW,0.0007099999929778278,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2016-5598,https://securityvulnerability.io/vulnerability/CVE-2016-5598,,"Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.",Oracle,Mysql Connector\/python,5.6,MEDIUM,0.0014799999771639705,false,false,false,false,,false,false,2016-10-25T14:00:00.000Z,0
CVE-2015-3152,https://securityvulnerability.io/vulnerability/CVE-2015-3152,,"Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a ""BACKRONYM"" attack.",Oracle,"Mysql,Mysql Connector\/c",5.9,MEDIUM,0.006039999891072512,false,false,false,true,true,false,false,2016-05-16T10:00:00.000Z,0
CVE-2012-1696,https://securityvulnerability.io/vulnerability/CVE-2012-1696,,Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.,Oracle,"Mysql,Mysql Community Server,Mysql Server,Mysql Connector\/j",,,0.010089999996125698,false,false,false,false,,false,false,2012-05-03T22:00:00.000Z,0
CVE-2009-4833,https://securityvulnerability.io/vulnerability/CVE-2009-4833,,"MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.",Oracle,Mysql Connector\/net,,,0.004350000061094761,false,false,false,false,,false,false,2010-04-29T19:00:00.000Z,0