Vulnerabilities > Oracle > Mysql Enterprise Monitor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-17 | CVE-2017-5645 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | 9.8 |
| 2017-01-27 | CVE-2016-5590 | Remote Security vulnerability in Oracle MySQL Enterprise Monitor Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Agent). | 6.5 |
| 2016-04-21 | CVE-2016-3461 | Remote Security vulnerability in Oracle Mysql Enterprise Monitor 3.0.25/3.1.2 Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server. | 4.3 |
| 2015-04-24 | CVE-2015-3144 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80." The previous CVSS assessment 7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) was provided at the time of initial analysis based on the best available published information at that time. | 9.0 |
| 2013-09-30 | CVE-2013-4316 | Improper Access Control vulnerability in multiple products Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. | 10.0 |