Unity Linux 20.1070e Security Update: mariadb (UTSA-2026-021664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021664 advisory. MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression CTE. Tenable has extracted the...

EUVD-2025-25431

Malicious code in bioql PyPI...

EUVD-2022-7032

Malicious code in bioql PyPI...

Mattermost Open Redirect vulnerability

Mattermost versions 10.5.x = 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs...

CVE-2025-9084

Mattermost versions 10.5.x = 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs...

CVE-2025-47700 AI plugin APIs can be triggered using post actions

Mattermost Server versions 10.5.x = 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions...

PT-2025-34196 · Mattermost · Mattermost Server +1

Name of the Vulnerable Software and Affected Versions: Mattermost Server versions 10.5.0 through 10.5.9 Description: Mattermost Server versions 10.5.x up to and including 10.5.9, when utilizing the Agents plugin, do not reject empty request bodies. This allows users to potentially trick others in...

Mattermost Server 安全漏洞

Mattermost Server is a suite of open source messaging platforms from US-based Mattermost. A security vulnerability exists in Mattermost Server version 10.5.9 and prior versions, which stems from the Agents plugin not rejecting empty request bodies, which could cause users to click on malicious...

BIT-MARIADB-MIN-2021-46662

MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

BIT-MYSQL-CLIENT-2021-46661

MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression CTE...

BIT-MYSQL-CLIENT-2021-46662

MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

BIT-MYSQL-CLIENT-2021-46664

MariaDB through 10.5.9 allows an application crash in subselectpostjoinaggr for a NULL value of aggr...

BIT-MYSQL-CLIENT-2021-46669

MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used...

BIT-MARIADB-2021-46662

MariaDB through 10.5.9 allows a setvar.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subquery...

BIT-MARIADB-2021-46669

MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used...

mariadb: MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used

A use-after-free vulnerability was found in MariaDB. This flaw allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used, resulting in a denial of service...

SUSE CVE-2021-46668

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures...

CVE-2022-39365

Pimcore is an open source data and experience management platform. Prior to version 10.5.9, the user controlled twig templates rendering in Pimcore/Mail & ClassDefinition\Layout\Text is vulnerable to server-side template injection, which could lead to remote code execution. Version 10.5.9 contain...

Pimcore 代码注入漏洞

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce framework and product information management applications. A security vulnerability exists in Pimcore...

mariadb: MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations

MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...