CVE-2025-30706

HIGH Year: 2025
CVSS v3 Score
7.5
High
Weakness Type
CWE-276
View all →

Vulnerability Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).

Related Vulnerabilities

CVE-2010-5108

HIGH
CVSS:7.5(High)

Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permission...

CWE-2762010

CVE-2012-5577

HIGH
CVSS:7.5(High)

Python keyring lib before 0.10 created keyring files with world-readable permissions.

CWE-2762012

CVE-2017-18668

HIGH
CVSS:7.5(High)

An issue was discovered on Samsung mobile devices with M(6.0) software. Attackers can prevent users from making outbound calls and sending outbound text messages. The Samsung ID is SVE-2017-8706 (June...

CWE-2762017

CVE-2017-18669

HIGH
CVSS:7.5(High)

An issue was discovered on Samsung mobile devices with N(7.x) software. Persona has an unprotected API that allows launch of any activity with system privileges. The Samsung ID is SVE-2017-9000 (June ...

CWE-2762017

CVE-2017-4975

HIGH
CVSS:7.5(High)

An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create a running open security group that overrides security groups set by the op...

CWE-2762017

CVE-2018-8848

HIGH
CVSS:7.5(High)

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor.

CWE-2762018