CVE-2021-2390

MEDIUM Year: 2021
CVSS v3 Score
5.9
Medium
CVSS v2 Score
7.1
High
Weakness Type
CWE-191
View all →

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

Related Vulnerabilities

CVE-2016-2316

MEDIUM
CVSS:5.9(Medium)

chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf ...

CWE-1912016

CVE-2025-47256

MEDIUM
CVSS:5.6(Medium)

Libxmp through 4.6.2 has a stack-based buffer overflow in depack_pha in loaders/prowizard/pha.c via a malformed Pha format tracker module in a .mod file.

CWE-1912025

CVE-2020-11906

MEDIUM
CVSS:6.3(Medium)

The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.

CWE-1912020

CVE-2015-1208

MEDIUM
CVSS:5.5(Medium)

Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 f...

CWE-1912015

CVE-2017-13666

MEDIUM
CVSS:5.5(Medium)

An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.5, as used in libbpg and other products. A small height value can ...

CWE-1912017

CVE-2017-15874

MEDIUM
CVSS:5.5(Medium)

archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.

CWE-1912017