ISHACK AI BOT

Alma Linux: CVE-2023-22032: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22032 CVE - 2023-22032 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Red Hat: CVE-2023-22015: Optimizer unspecified vulnerability (CPU Oct 2023) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 09/04/2024 Added 09/03/2024 Modified 09/13/2024 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 5.7.42 and prior and8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-devel redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-22015 RHSA-2023:2621 RHSA-2023:3087

Red Hat: CVE-2023-22068: mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 02/22/2024 Added 02/21/2024 Modified 09/03/2024 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-devel redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-22068 RHSA-2024:0894 RHSA-2024:1141

Red Hat: CVE-2023-22067: IOR deserialization issue in CORBA (8303384) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/17/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA).Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) redhat-upgrade-java-1-8-0-ibm redhat-upgrade-java-1-8-0-ibm-demo redhat-upgrade-java-1-8-0-ibm-devel redhat-upgrade-java-1-8-0-ibm-headless redhat-upgrade-java-1-8-0-ibm-jdbc redhat-upgrade-java-1-8-0-ibm-plugin redhat-upgrade-java-1-8-0-ibm-src redhat-upgrade-java-1-8-0-ibm-webstart redhat-upgrade-java-1-8-0-openjdk redhat-upgrade-java-1-8-0-openjdk-accessibility redhat-upgrade-java-1-8-0-openjdk-accessibility-fastdebug redhat-upgrade-java-1-8-0-openjdk-accessibility-slowdebug redhat-upgrade-java-1-8-0-openjdk-debuginfo redhat-upgrade-java-1-8-0-openjdk-debugsource redhat-upgrade-java-1-8-0-openjdk-demo redhat-upgrade-java-1-8-0-openjdk-demo-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug redhat-upgrade-java-1-8-0-openjdk-demo-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug redhat-upgrade-java-1-8-0-openjdk-demo-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel redhat-upgrade-java-1-8-0-openjdk-devel-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug redhat-upgrade-java-1-8-0-openjdk-devel-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug redhat-upgrade-java-1-8-0-openjdk-devel-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-fastdebug redhat-upgrade-java-1-8-0-openjdk-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless redhat-upgrade-java-1-8-0-openjdk-headless-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug redhat-upgrade-java-1-8-0-openjdk-headless-fastdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug redhat-upgrade-java-1-8-0-openjdk-headless-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-javadoc redhat-upgrade-java-1-8-0-openjdk-javadoc-zip redhat-upgrade-java-1-8-0-openjdk-slowdebug redhat-upgrade-java-1-8-0-openjdk-slowdebug-debuginfo redhat-upgrade-java-1-8-0-openjdk-src redhat-upgrade-java-1-8-0-openjdk-src-fastdebug redhat-upgrade-java-1-8-0-openjdk-src-slowdebug References CVE-2023-22067 RHSA-2023:5730 RHSA-2023:5731 RHSA-2023:5732 RHSA-2023:5733 RHSA-2023:5761 RHSA-2024:0866 RHSA-2024:0879 View more

Red Hat: CVE-2023-22065: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 02/22/2024 Added 02/21/2024 Modified 09/03/2024 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-devel redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-22065 RHSA-2024:0894 RHSA-2024:1141

Red Hat: CVE-2023-22066: mysql: InnoDB unspecified vulnerability (CPU Oct 2023) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 02/22/2024 Added 02/21/2024 Modified 09/03/2024 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-devel redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-22066 RHSA-2024:0894 RHSA-2024:1141

Alma Linux: CVE-2023-22114: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22114 CVE - 2023-22114 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Red Hat: CVE-2023-22059: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 10/17/2023 Created 02/22/2024 Added 02/21/2024 Modified 09/03/2024 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-devel redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-22059 RHSA-2024:0894 RHSA-2024:1141

Red Hat: CVE-2023-22032: mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2023) (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 02/22/2024 Added 02/21/2024 Modified 09/03/2024 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) redhat-upgrade-mecab redhat-upgrade-mecab-debuginfo redhat-upgrade-mecab-debugsource redhat-upgrade-mecab-devel redhat-upgrade-mecab-ipadic redhat-upgrade-mecab-ipadic-eucjp redhat-upgrade-mysql redhat-upgrade-mysql-common redhat-upgrade-mysql-debuginfo redhat-upgrade-mysql-debugsource redhat-upgrade-mysql-devel redhat-upgrade-mysql-devel-debuginfo redhat-upgrade-mysql-errmsg redhat-upgrade-mysql-libs redhat-upgrade-mysql-libs-debuginfo redhat-upgrade-mysql-server redhat-upgrade-mysql-server-debuginfo redhat-upgrade-mysql-test redhat-upgrade-mysql-test-debuginfo References CVE-2023-22032 RHSA-2024:0894 RHSA-2024:1141

Alma Linux: CVE-2023-22097: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22097 CVE - 2023-22097 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Alma Linux: CVE-2023-22110: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22110 CVE - 2023-22110 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Alma Linux: CVE-2023-22103: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22103 CVE - 2023-22103 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Oracle WebLogic: CVE-2023-22069 : Critical Patch Update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/17/2023 Created 10/20/2023 Added 10/19/2023 Modified 01/28/2025 Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).Supported versions that are affected are 12.2.1.4.0 and14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Solution(s) oracle-weblogic-oct-2023-cpu-12_2_1_4_0 oracle-weblogic-oct-2023-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2023-22069 CVE - 2023-22069 http://www.oracle.com/security-alerts/cpuoct2023.html https://support.oracle.com/rs?type=doc&id=2978467.2

Alma Linux: CVE-2023-22064: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22064 CVE - 2023-22064 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Alma Linux: CVE-2023-22112: Moderate: mysql:8.0 security update (Multiple Advisories) Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 03/01/2024 Added 02/29/2024 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) alma-upgrade-mecab alma-upgrade-mecab-devel alma-upgrade-mecab-ipadic alma-upgrade-mecab-ipadic-eucjp alma-upgrade-mysql alma-upgrade-mysql-common alma-upgrade-mysql-devel alma-upgrade-mysql-errmsg alma-upgrade-mysql-libs alma-upgrade-mysql-server alma-upgrade-mysql-test References https://attackerkb.com/topics/cve-2023-22112 CVE - 2023-22112 https://errata.almalinux.org/8/ALSA-2024-0894.html https://errata.almalinux.org/9/ALSA-2024-1141.html

Ubuntu: USN-6459-1 (CVE-2023-22114): MySQL vulnerabilities Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) ubuntu-upgrade-mysql-server-8-0 References https://attackerkb.com/topics/cve-2023-22114 CVE - 2023-22114 USN-6459-1

Oracle WebLogic: CVE-2023-22072 : Critical Patch Update Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/17/2023 Created 02/08/2024 Added 02/07/2024 Modified 01/28/2025 Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Solution(s) oracle-weblogic-oct-2023-cpu-12_2_1_3_0 References https://attackerkb.com/topics/cve-2023-22072 CVE - 2023-22072 http://www.oracle.com/security-alerts/cpuoct2023.html https://support.oracle.com/rs?type=doc&id=2978467.2

Oracle WebLogic: CVE-2023-22101 : Critical Patch Update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/17/2023 Created 10/20/2023 Added 10/19/2023 Modified 01/28/2025 Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).Supported versions that are affected are 12.2.1.4.0 and14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server.Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). Solution(s) oracle-weblogic-oct-2023-cpu-12_2_1_4_0 oracle-weblogic-oct-2023-cpu-14_1_1_0_0 References https://attackerkb.com/topics/cve-2023-22101 CVE - 2023-22101 http://www.oracle.com/security-alerts/cpuoct2023.html https://support.oracle.com/rs?type=doc&id=2978467.2

Oracle MySQL Vulnerability: CVE-2023-22111 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF).Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-22111 CVE - 2023-22111 https://www.oracle.com/security-alerts/cpuoct2023.html

Oracle MySQL Vulnerability: CVE-2023-22110 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-22110 CVE - 2023-22110 https://www.oracle.com/security-alerts/cpuoct2023.html

Oracle MySQL Vulnerability: CVE-2023-22015 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 5.7.42 and prior and8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-22015 CVE - 2023-22015 https://www.oracle.com/security-alerts/cpuoct2023.html

Oracle MySQL Vulnerability: CVE-2023-22026 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 5.7.42 and prior and8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-22026 CVE - 2023-22026 https://www.oracle.com/security-alerts/cpuoct2023.html

Java CPU October 2023 Oracle Java SE vulnerability (CVE-2023-22067) Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/17/2023 Created 10/20/2023 Added 10/19/2023 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA).Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) jre-upgrade-latest References https://attackerkb.com/topics/cve-2023-22067 CVE - 2023-22067 http://www.oracle.com/security-alerts/cpuoct2023.html

Oracle MySQL Vulnerability: CVE-2023-22103 Severity 6 CVSS (AV:N/AC:L/Au:M/C:N/I:N/A:C) Published 10/17/2023 Created 10/24/2023 Added 10/23/2023 Modified 01/28/2025 Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).Supported versions that are affected are 8.0.34 and prior and8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Solution(s) mysql-upgrade-latest References https://attackerkb.com/topics/cve-2023-22103 CVE - 2023-22103 https://www.oracle.com/security-alerts/cpuoct2023.html

IBM AIX: java_dec2023_advisory (CVE-2023-22067): Multiple vulnerabilities in IBM Java SDK affect AIX Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 10/17/2023 Created 12/22/2023 Added 12/21/2023 Modified 01/28/2025 Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA).Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.Successful attacks of this vulnerability can result inunauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts).CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Solution(s) ibm-aix-java_dec2023_advisory References https://attackerkb.com/topics/cve-2023-22067 CVE - 2023-22067 https://aix.software.ibm.com/aix/efixes/security/java_dec2023_advisory.asc