Vulnerabilities > Oracle > Mysql Server > 5.7.27
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-06 | CVE-2020-28196 | Uncontrolled Recursion vulnerability in multiple products MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | 7.5 |
| 2019-11-08 | CVE-2019-10219 | Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-10-16 | CVE-2019-2897 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). | 6.4 |
| 2019-09-16 | CVE-2019-5482 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | 9.8 |
| 2019-09-16 | CVE-2019-5481 | Double Free vulnerability in multiple products Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. | 9.8 |
| 2019-07-02 | CVE-2019-5443 | Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. | 4.4 |
| 2019-05-28 | CVE-2019-5436 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | 7.8 |
| 2019-02-06 | CVE-2019-3822 | Out-of-bounds Write vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. | 9.8 |