836 matches found
Insecure temporary file creation, race with write access and permission
None...
CVE-2025-46802
creationtimestamp| type| source ---|---|--- 2025-05-12 17:00:00+00:00| seen| https://security.opensuse.org/2025/05/12/screen-security-issues.html3b-tty-hijacking-while-attaching-to-a-multi-user-session-cve-2025-46802 2025-05-13 11:28:49+00:00| seen| https://news.ycombinator.com/item?id=43971716...
CVE-2025-46803
creationtimestamp| type| source ---|---|--- 2025-05-12 17:00:00+00:00| seen| https://security.opensuse.org/2025/05/12/screen-security-issues.html3b-tty-hijacking-while-attaching-to-a-multi-user-session-cve-2025-46802 2025-05-13 16:45:54+00:00| seen| https://t.me/proxybar/2615 2025-05-14...
[SECURITY] Fedora 40 Update: mysql8.0-8.0.41-1.fc40
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
[SECURITY] Fedora 40 Update: mariadb10.11-10.11.11-1.fc40
MariaDB is a community developed fork from MySQL - a multi-user, multi-thread ed SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...
Important: Red Hat Security Advisory: mysql:8.0 security update
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated thi...
Linux Distros Unpatched Vulnerability : CVE-2017-2625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could...
Important: Red Hat Security Advisory: mysql security update
An update for mysql is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: mysql:8.0 security update
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: mysql:8.0 security update
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: mysql security update
An update for mysql is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: mysql security update
An update for mysql is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
trojan 安全漏洞
trojan is a multi-user administration and deployment program by Jrohy Individual Developer, supporting web page administration. A security vulnerability exists in trojan versions v.2.0.0 through v.2.15.3, which is caused by elevation of privilege via the initialization interface /auth/register...
CVE-2021-37601
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information list of admins, members, owners, and banned entities of a Multi-User chat room in some common configurations...
CVE-2022-21649
Convos is an open source multi-user chat that runs in a web browser. Characters starting with "https://" in the chat window create an tag. Stored XSS vulnerability using onfocus and autofocus occurs because escaping exists for "" but escaping for double quotes does not exist. Through this...
async-http-client: AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
A flaw was found in the AsyncHttpClient AHC library. When making any HTTP request, the automatically enabled and self-managed CookieStore will silently replace explicitly defined cookies with any that have the same name from the CookieStore. For services that operate with multiple users, this can...
CVE-2024-28233
JupyterHub is an open source multi-user server for Jupyter notebooks. By tricking a user into visiting a malicious subdomain, the attacker can achieve an XSS directly affecting the former's session. More precisely, in the context of JupyterHub, this XSS could achieve full access to JupyterHub API...
CVE-2024-0765
As a default user on a multi-user instance of AnythingLLM, you could execute a call to the /export-data endpoint of the system and then unzip and read that export that would enable you do exfiltrate data of the system at that save state. This would require the attacked to be granted explicit acce...
ALSA-2025:0737 Moderate: mariadb:10.11 security update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...
GHSA-J4JW-M6XR-FV6C Soft Serve vulnerable to path traversal attacks
Impact Path traversal attack gives access to existing non-admin users to access and take over other user's repositories. A malicious user then can modify, delete, and arbitrarily repositories as if they were an admin user without explicitly giving them permissions. Patches This is patched in v0.8...