Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by NVD-CWE-noinfo
Total 22269 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27619 3 Fedoraproject, Oracle, Python 3 Fedora, Communications Cloud Native Core Network Function Cloud Native Environment, Python 2023-01-31 7.5 HIGH 9.8 CRITICAL
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVE-2020-13943 3 Apache, Debian, Oracle 4 Tomcat, Debian Linux, Instantis Enterprisetrack and 1 more 2023-01-31 4.0 MEDIUM 4.3 MEDIUM
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected resources.
CVE-2019-4383 1 Ibm 1 Spectrum Protect Plus 2023-01-31 4.6 MEDIUM 6.7 MEDIUM
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165.
CVE-2019-4298 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2023-01-31 3.6 LOW 7.1 HIGH
IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.
CVE-2022-37967 3 Fedoraproject, Microsoft, Netapp 8 Fedora, Windows Server 2008, Windows Server 2012 and 5 more 2023-01-31 N/A 7.2 HIGH
Windows Kerberos Elevation of Privilege Vulnerability.
CVE-2022-38023 3 Fedoraproject, Microsoft, Netapp 8 Fedora, Windows Server 2008, Windows Server 2012 and 5 more 2023-01-31 N/A 8.1 HIGH
Netlogon RPC Elevation of Privilege Vulnerability.
CVE-2022-37966 3 Fedoraproject, Microsoft, Netapp 8 Fedora, Windows Server 2008, Windows Server 2012 and 5 more 2023-01-31 N/A 8.1 HIGH
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.
CVE-2019-14306 1 Ricoh 96 M 2700, M 2700 Firmware, M 2701 and 93 more 2023-01-31 5.0 MEDIUM 7.5 HIGH
Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of 2).
CVE-2022-47318 3 Debian, Fedoraproject, Ruby-git Project 3 Debian Linux, Fedora, Ruby-git 2023-01-31 N/A 8.0 HIGH
ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. This vulnerability is different from CVE-2022-46648.
CVE-2019-2910 3 Canonical, Netapp, Oracle 6 Ubuntu Linux, Active Iq Unified Manager, Oncommand Insight and 3 more 2023-01-31 4.3 MEDIUM 3.7 LOW
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
CVE-2019-2911 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 2.7 LOW
Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).
CVE-2019-2982 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2899 1 Oracle 4 Application Development Framework, Hyperion Financial Management, Jdeveloper and 1 more 2023-01-31 3.5 LOW 2.4 LOW
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: OAM). Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle JDeveloper and ADF accessible data. CVSS 3.0 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).
CVE-2019-2914 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 6.5 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2991 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 5.5 MEDIUM 5.5 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.017 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2019-2967 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 6.5 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2969 3 Canonical, Netapp, Oracle 6 Ubuntu Linux, Active Iq Unified Manager, Oncommand Insight and 3 more 2023-01-31 2.1 LOW 6.2 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVE-2019-2968 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2998 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2019-2997 4 Canonical, Fedoraproject, Netapp and 1 more 7 Ubuntu Linux, Fedora, Active Iq Unified Manager and 4 more 2023-01-31 4.0 MEDIUM 4.9 MEDIUM
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).