6846 matches found
Akkadian Provisioning Manager - Information Disclosure
Akkadian Provisioning Manager is susceptible to information disclosure. The restricted shell provided can be escaped by abusing the Edit MySQL Configuration command. This command launches a standard VI editor interface which can then be escaped. id: CVE-2021-31581 info: name: Akkadian Provisionin...
mariadb10.11 security, bug fix, and enhancement update
3:10.11.18-1 - Rebase to 10.11.18 3:10.11.17-1 - Rebase to 10.11.17 3:10.11.16-1 - Rebase to 10.11.16...
CVE-2026-50147
Metabase is an open-source business intelligence and embedded analytics tool. From 1.57.0 until 1.57.19.1, 1.58.14.1, 1.59.10, and 1.60.4, an attacker who can configure a Metabase database connection can read arbitrary files from the Metabase server's filesystem by adding unsafe JDBC parameters t...
EUVD-2026-44603
A boolean-based SQL Injection vulnerability exists in Apache Fineract's Client Search API GET /api/v1/clients in versions up to and including 1.14.0. The orderBy and sortOrder request parameters are concatenated into a SQL query without sufficient validation, allowing an authenticated user with...
CVE-2026-55405
LangChain4j is a Java library for building LLM-powered applications on the JVM. Prior to 1.2.1-beta8, 1.5.1-beta11, 1.11.8-beta19, and 1.16.3-beta26, the MariaDB and pgvector embedding stores build metadata-filter SQL by string-concatenating filter keys, and in MariaDB string values, directly int...
CVE-2026-55405
LangChain4j contains a SQL injection vulnerability in the embedding stores for MariaDB and pgvector. Prior to versions 1.2.1-beta8, 1.5.1-beta11, 1.11.8-beta19, and 1.16.3-beta26, metadata filter keys (and, for MariaDB, some string values) are concatenated directly into SQL in EmbeddingSearchRequ...
CVE-2026-55405 LangChain4j: SQL injection via metadata filters in langchain4j-mariadb and langchain4j-pgvector
LangChain4j is a Java library for building LLM-powered applications on the JVM. Prior to 1.2.1-beta8, 1.5.1-beta11, 1.11.8-beta19, and 1.16.3-beta26, the MariaDB and pgvector embedding stores build metadata-filter SQL by string-concatenating filter keys, and in MariaDB string values, directly int...
CVE-2026-55405 LangChain4j: SQL injection via metadata filters in langchain4j-mariadb and langchain4j-pgvector
LangChain4j is a Java library for building LLM-powered applications on the JVM. Prior to 1.2.1-beta8, 1.5.1-beta11, 1.11.8-beta19, and 1.16.3-beta26, the MariaDB and pgvector embedding stores build metadata-filter SQL by string-concatenating filter keys, and in MariaDB string values, directly int...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: descheduler, docker-compose, nri-mysql, dagger, kubernetes-dashboard-metrics-scraper, q, otel-cli, rancher, conjur-cli, cloudnative-pg, controller-gen, kapp-controller, timestamp-authority, smokescreen, boring-registry, traefik, litestream, gobuster, datadog-agent,...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb11.8: mariadb-11.8.8-3.hum1 aarch64, x8664 mariadb-backup-11.8.8-3.hum1 aarch64, x8664 mariadb-client-utils-11.8.8-3.hum1 noarch mariadb-common-11.8.8-3.hum1 noarch...
MiracleLinux 8 : mariadb:10.11 (AXSA:2026-1201:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1201:01 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: RHEL8tracker Rebase Galera to 26.4.27...
RockyLinux 9 : mariadb:11.8 (RLSA-2026:33481)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33481 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9 tracker Rebase Galera to...
RockyLinux 10 : mariadb10.11 (RLSA-2026:33093)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33093 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rebase MariaDB 10.11 to 10.11.18 in Roc...
RockyLinux 9 : mariadb:10.11 (RLSA-2026:33482)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33482 advisory. mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to...
mariadb10.11 security, bug fix, and enhancement update
An update is available for mariadb10.11. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a community developed fork from MySQL - a multi-user,...
galera and mariadb11.8 security, bug fix, and enhancement update
An update is available for mariadb11.8, galera. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a community developed fork from MySQL - a multi-user,...
RLSA-2026:33412 Important: galera and mariadb11.8 security, bug fix, and enhancement update
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...
RLSA-2026:33093 Important: mariadb10.11 security, bug fix, and enhancement update
MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs a...
RLSA-2026:33482 Important: mariadb:10.11 security, bug fix, and enhancement update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux9tracker Rebase Galera to 26.4.27 MariaDB:10.11 JIRA:Rocky...
mariadb:11.8 security, bug fix, and enhancement update
An update is available for module.galera, module.mariadb, mariadb, galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threade...