cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-21543,https://securityvulnerability.io/vulnerability/CVE-2025-21543,Denial of Service Vulnerability in MySQL Server by Oracle,"This vulnerability affects Oracle's MySQL Server, allowing a high-privileged attacker with network access via various protocols to potentially compromise the server. Exploiting this vulnerability can lead to a denial-of-service (DoS) condition, causing the MySQL Server to hang or crash repeatedly. This presents significant risks for businesses relying on MySQL databases, as it can disrupt operations and affect availability.",Oracle,"Mysql Cluster,Mysql Server",4.9,MEDIUM,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:13.601Z,0
CVE-2025-21531,https://securityvulnerability.io/vulnerability/CVE-2025-21531,Denial of Service Flaw in Oracle MySQL Server Affects Multiple Versions,"A vulnerability exists in the Oracle MySQL Server, specifically within the InnoDB component, allowing an attacker with high privileges and network access to exploit the server. This can lead to severe consequences, such as inducing a hang or recurrent crashes, effectively resulting in a denial-of-service (DoS) scenario. The impact affects specific supported versions, making it crucial for users to assess and apply recommended patches to mitigate potential risks.",Oracle,"Mysql Cluster,Mysql Server",4.9,MEDIUM,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:08.723Z,0
CVE-2025-21520,https://securityvulnerability.io/vulnerability/CVE-2025-21520,MySQL Server Vulnerability in Oracle Software Products,"A vulnerability exists in the MySQL Server component of Oracle MySQL, specifically affecting versions 8.0.40 and earlier, 8.4.3 and earlier, and 9.1.0 and earlier. This issue can be exploited by a highly privileged attacker with access to the MySQL infrastructure, allowing unauthorized read access to specific data within MySQL Server. Notably, this vulnerability requires human interaction from another person, making it somewhat challenging to exploit. Organizations using the aforementioned versions should assess their security posture to mitigate potential risks associated with this vulnerability.",Oracle,"Mysql Cluster,Mysql Server",1.8,LOW,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:04.217Z,0
CVE-2025-21518,https://securityvulnerability.io/vulnerability/CVE-2025-21518,MySQL Server Vulnerability in Oracle MySQL Products,"A vulnerability in the MySQL Server component of Oracle MySQL allows attackers with low privileges and network access to exploit the server via multiple protocols. A successful attack can lead to a denial of service, causing the MySQL Server to hang or crash repeatedly. This issue impacts supported versions 8.0.40 and prior, 8.4.3 and prior, and 9.1.0 and prior, thereby representing a significant security concern for users of affected MySQL products. For more information, refer to the Oracle Advisory.",Oracle,"Mysql Cluster,Mysql Server",6.5,MEDIUM,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:03.419Z,0
CVE-2024-21247,https://securityvulnerability.io/vulnerability/CVE-2024-21247,Oracle MySQL Client vulnerability allows high privileged attackers to compromise sensitive data,"Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump).  Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and  9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Client accessible data as well as  unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).",Oracle,"Mysql Cluster,Mysql Client",3.8,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-15T19:52:50.451Z,0
CVE-2024-21238,https://securityvulnerability.io/vulnerability/CVE-2024-21238,Oracle MySQL Server Vulnerability Allows Low-Privileged Attacks,"Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling).  Supported versions that are affected are 8.0.39 and prior, 8.4.1 and prior and  9.0.1 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.3 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).",Oracle,"Mysql Cluster,Mysql Server",5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-10-15T19:52:47.971Z,0
CVE-2024-21230,https://securityvulnerability.io/vulnerability/CVE-2024-21230,MySQL Server Vulnerability in Oracle Affecting Multiple Versions,"A vulnerability exists in the MySQL Server component of Oracle MySQL, affecting supported versions 8.0.39 and earlier, 8.4.2 and earlier, and 9.0.1 and earlier. This issue arises when low-privileged attackers gain network access through multiple protocols. Exploiting this vulnerability can lead to unauthorized actions that may cause severe service disruptions, including frequent crashes or hangs of the MySQL Server, thereby impacting availability.",Oracle,"Mysql Cluster,Mysql Server",6.5,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-10-15T19:52:45.238Z,0
CVE-2024-21218,https://securityvulnerability.io/vulnerability/CVE-2024-21218,Denial of Service Vulnerability in MySQL Server by Oracle,"A vulnerability exists within the InnoDB component of Oracle MySQL Server, specifically affecting versions 8.0.39 and earlier, 8.4.2 and earlier, and 9.0.1 and earlier. An authenticated attacker with high privileges and network access can exploit this flaw using multiple protocols, leading to the possibility of causing the MySQL Server to hang or crash repeatedly. This can result in a complete denial of service, posing significant risks to the availability of affected database systems.",Oracle,"Mysql Cluster,Mysql Server",4.9,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-10-15T19:52:44.128Z,0
CVE-2024-21203,https://securityvulnerability.io/vulnerability/CVE-2024-21203,Denial of Service Vulnerability in MySQL Server by Oracle,"A vulnerability exists in the MySQL Server component of Oracle MySQL that allows a high-privileged attacker with network access to exploit the system through multiple protocols. This vulnerability can lead to unauthorized access that enables an attacker to cause MySQL Server to hang or to crash repeatedly, resulting in a denial of service. Affected versions include 8.0.39, 8.4.2, and 9.0.1 or earlier. Organizations running these versions should apply updates to mitigate the risk and ensure the availability of their database services.",Oracle,"Mysql Cluster,Mysql Server",4.9,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-10-15T19:52:39.267Z,0
CVE-2024-21125,https://securityvulnerability.io/vulnerability/CVE-2024-21125,Denial of Service Vulnerability in MySQL Server by Oracle,"A vulnerability has been identified in Oracle's MySQL Server, specifically within the Full-Text Search component. This flaw affects versions 8.0.37 and prior, as well as 8.4.0 and prior, and can be exploited by attackers with high privileges and network access through multiple protocols. The exploitation of this vulnerability can lead to unauthorized actions that result in a denial of service, causing the MySQL Server to hang or crash reliably.",Oracle,"Mysql Ndb Cluster,Mysql Server",4.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21177,https://securityvulnerability.io/vulnerability/CVE-2024-21177,Vulnerability in MySQL Server Could Lead to Hang or Crash,Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).  Supported versions that are affected are 8.0.37 and prior and  8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,Oracle,"Mysql Ndb Cluster,Mysql Server",6.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-20965,https://securityvulnerability.io/vulnerability/CVE-2024-20965,Denial of Service Vulnerability in Oracle MySQL Server,"An easily exploitable vulnerability exists within Oracle's MySQL Server, specifically in the Optimizer component. This vulnerability affects supported versions 8.0.35 and earlier, as well as 8.2.0 and earlier. A high-privileged attacker with network access can manipulate this vulnerability across various protocols. When exploited, it can lead to unauthorized actions that result in a denial of service, causing the MySQL Server to hang or crash repeatedly, disrupting database availability.",Oracle,"MySQL NDB Cluster,MySQL Server",4.9,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-01-16T21:41:22.582Z,0
CVE-2023-21860,https://securityvulnerability.io/vulnerability/CVE-2023-21860,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal Operations).  Supported versions that are affected are 7.4.38 and prior, 7.5.28 and prior, 7.6.24 and prior and  8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0018500000005587935,false,false,false,false,,false,false,2023-01-18T01:15:00.000Z,0
CVE-2022-21550,https://securityvulnerability.io/vulnerability/CVE-2022-21550,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.36 and prior, 7.5.26 and prior, 7.6.22 and prior and and 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.002950000111013651,false,false,false,false,,false,false,2022-07-19T21:07:43.000Z,0
CVE-2022-21519,https://securityvulnerability.io/vulnerability/CVE-2022-21519,,Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).,Oracle,Mysql Cluster,5.9,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-07-19T21:06:57.000Z,0
CVE-2022-21490,https://securityvulnerability.io/vulnerability/CVE-2022-21490,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0015399999683722854,false,false,false,false,,false,false,2022-04-19T20:38:42.000Z,0
CVE-2022-21489,https://securityvulnerability.io/vulnerability/CVE-2022-21489,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0015399999683722854,false,false,false,false,,false,false,2022-04-19T20:38:40.000Z,0
CVE-2022-21486,https://securityvulnerability.io/vulnerability/CVE-2022-21486,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L).",Oracle,Mysql Cluster,2.9,LOW,0.0008900000248104334,false,false,false,false,,false,false,2022-04-19T20:38:36.000Z,0
CVE-2022-21485,https://securityvulnerability.io/vulnerability/CVE-2022-21485,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L).",Oracle,Mysql Cluster,2.9,LOW,0.0008900000248104334,false,false,false,false,,false,false,2022-04-19T20:38:34.000Z,0
CVE-2022-21484,https://securityvulnerability.io/vulnerability/CVE-2022-21484,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L).",Oracle,Mysql Cluster,2.9,LOW,0.0008900000248104334,false,false,false,false,,false,false,2022-04-19T20:38:33.000Z,0
CVE-2022-21483,https://securityvulnerability.io/vulnerability/CVE-2022-21483,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0015399999683722854,false,false,false,false,,false,false,2022-04-19T20:38:31.000Z,0
CVE-2022-21482,https://securityvulnerability.io/vulnerability/CVE-2022-21482,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0015399999683722854,false,false,false,false,,false,false,2022-04-19T20:38:30.000Z,0
CVE-2022-21380,https://securityvulnerability.io/vulnerability/CVE-2022-21380,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2022-01-19T11:26:20.000Z,0
CVE-2022-21357,https://securityvulnerability.io/vulnerability/CVE-2022-21357,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.1 Base Score 2.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L).",Oracle,Mysql Cluster,2.9,LOW,0.0004600000102072954,false,false,false,false,,false,false,2022-01-19T11:25:31.000Z,0
CVE-2022-21356,https://securityvulnerability.io/vulnerability/CVE-2022-21356,,"Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Cluster. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Mysql Cluster,6.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2022-01-19T11:25:29.000Z,0