Vulnerabilities > Oracle > Mysql Server > 8.0.0

DATE CVE VULNERABILITY TITLE RISK
2021-06-11 CVE-2021-22901 Use After Free vulnerability in multiple products
curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection.
network
high complexity
haxx oracle netapp siemens splunk CWE-416
8.1
2021-03-23 CVE-2021-21351 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
9.1
2021-03-23 CVE-2021-21348 Resource Exhaustion vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
7.5
2021-03-23 CVE-2021-21344 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
9.8
2020-11-06 CVE-2020-28196 Uncontrolled Recursion vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
network
low complexity
mit fedoraproject netapp oracle CWE-674
7.5
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-10-16 CVE-2019-2897 Unspecified vulnerability in Oracle products
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions).
network
low complexity
oracle
6.4
2019-09-16 CVE-2019-5482 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
network
low complexity
haxx fedoraproject opensuse netapp oracle debian CWE-787
critical
9.8
2019-09-16 CVE-2019-5481 Double Free vulnerability in multiple products
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
network
low complexity
haxx fedoraproject netapp oracle debian opensuse CWE-415
critical
9.8
2019-07-02 CVE-2019-5443 Uncontrolled Search Path Element vulnerability in multiple products
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation.
local
low complexity
haxx oracle netapp CWE-427
7.8