How severe is CVE-2025-21559?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2025-21559?

This is classified as CWE-306, which is a common weakness in software security.

CVE-2025-21559

MEDIUM Year: 2025

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-306

View all →

Vulnerability Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

CVE-2019-12919

MEDIUM

CVSS:5.5(Medium)

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP ...

CWE-3062019

CVE-2019-20550

MEDIUM

CVSS:5.5(Medium)

An issue was discovered on Samsung mobile devices with O(8.x) (released in China and India) software. The S Secure app can access the content of a locked app without a password. The Samsung ID is SVE-...

CWE-3062019

CVE-2019-8522

MEDIUM

CVSS:5.5(Medium)

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for th...

CWE-3062019

CVE-2020-26567

MEDIUM

CVSS:5.5(Medium)

An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore un...

CWE-3062020

CVE-2020-27019

MEDIUM

CVSS:5.5(Medium)

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key.

CWE-3062020

CVE-2020-29379

MEDIUM

CVSS:5.5(Medium)

An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does no...

CWE-3062020

CVE-2025-21559

Vulnerability Description

Related Vulnerabilities

CVE-2019-12919

CVE-2019-20550

CVE-2019-8522

CVE-2020-26567

CVE-2020-27019

CVE-2020-29379