Drupal 10.5.x < 10.5.9 / 10.6.x < 10.6.7 / 11.2.x < 11.2.11 / 11.3.x < 11.3.7 Multiple Vulnerabilities (drupal-2026-04-15)

According to its self-reported version, the instance of Drupal running on the remote web server is 10.5.x prior to 10.5.9, 10.6.x prior to 10.6.7, 11.2.x prior to 11.2.11, or 11.3.x prior to 11.3.7. It is, therefore, affected by multiple vulnerabilities. - Drupal core's jQuery integration for AJA...

CVE-2025-36373

IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway could disclose sensitive system information from other domains to an administrative user...

PT-2026-29640

IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower Gateway is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...

CVE-2025-15579 An Insecure Deserialization vulnerability has been discovered in OpenText™ Directory Services.

Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injection. The vulnerability could lead to remote code execution, denial of service, or privilege escalation. This issue affects Directory Services: before 24.4.16, from 25.1 before 25.1.9, from 25.2...

MiracleLinux 8 : mariadb:10.5 (AXSA:2022-3173:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3173:01 advisory. mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2154 mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2166 mysq...

MiracleLinux 8 : mariadb:10.3 (AXSA:2022-3852:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3852:01 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669 mysq...

RHSA-2026:0344 Red Hat Security Advisory: mariadb:10.5 security update

Bulletin has no description...

RHSA-2026:0336 Red Hat Security Advisory: mariadb:10.5 security update

Bulletin has no description...

MiracleLinux 8 : mariadb:10.5 (AXSA:2026-037:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-037:01 advisory. mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 Tenable has extracted the preceding...

RHEL 8 : mariadb:10.5 (RHSA-2026:0344)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0344 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump...

RHEL 8 : mariadb:10.5 (RHSA-2026:0295)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0295 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump...

CVE-2021-31538

LANCOM R Unified Firewall UF devices running LCOS FX 10.5 allow Relative Path Traversal...

CVE-2020-7486

VERSION NOT SUPPORTED WHEN ASSIGNED A vulnerability could cause TCM modules to reset when under high network load in TCM v10.4.x and in system v10.3.x. This vulnerability was discovered and remediated in version v10.5.x on August 13, 2009. TCMs from v10.5.x and on will no longer exhibit this...

RockyLinux 8 : mariadb:10.5 (RLSA-2026:0233)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0233 advisory. mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 Tenable has extracted the preceding...

RHSA-2026:0233 Red Hat Security Advisory: mariadb:10.5 security update

Bulletin has no description...

mariadb:10.5 security update

galera Judy mariadb 3:10.5.29-3 - Release bump for rebuild...

ALSA-2026:0233 Important: mariadb:10.5 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 For more details about the security issues, including the impact...

CVE-2025-13870 Unauthorized access and subscription vulnerability in Boards

Mattermost versions 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate the user permission when accessing the files and subscribing to the block in Boards, which allows an authenticated user to access other board files and was able to subscribe to the block from other boards that the user does...

CVE-2025-12756

Mattermost versions 11.0.x = 11.0.2, 10.12.x = 10.12.1, 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate user permissions when deleting comments in Boards, which allows an authenticated user with the editor role to delete comments created by other users...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability exists in Mattermost that stems from insufficient validation of code exchange tokens, which could lead to account takeover. The following versions are affected: version 11.0.2...