vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-35648 via openclaw (=0.0.1)

openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-35648 Source advisory: OSV:GHSA-WJ55-88GF-X564...

PT-2026-28798

OpenClaw before 2026.3.22 contains a policy bypass vulnerability where queued node actions are not revalidated against current command policy when delivered. Attackers can exploit stale allowlists or declarations that survive policy tightening to execute unauthorized commands...

CVE-2023-35648

In ProtocolMiscLceIndAdapter::GetConfLevel of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...

CVE-2024-35648

Technical details for CVE-2024-35648 are not provided in the supplied documents. No affected software, root cause, or remediation is disclosed here; monitor for updates from the announcing organization.

WordPress Emergency Password Reset Plugin <= 8.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Emergency Password Reset Type Plugin Vulnerable versions = 8.0 Fixed in 9.0 OWASP Top 10 A8: Software and Data Integrity Failures Classification Cross Site Request Forgery CSRF CVE CVE-2024-35648 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cd74213ad8d6 Credits...

CVE-2023-35648

creationtimestamp| type| source ---|---|--- 2023-10-12 00:17:56+00:00| seen| https://t.me/cibsecurity/72155...

CVE-2023-35648

CVE-2023-35648 affects Google Pixel baseband firmware through a missing bounds check in ProtocolMiscLceIndAdapter::GetConfLevel() within protocolmiscadapter.cpp. This causes an out-of-bounds read that could enable remote information disclosure and requires baseband firmware compromise, with no us...

RHEL 8 : mysql:8.0 (RHSA-2022:7119)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7119 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

CentOS 8 : mysql:8.0 (CESA-2022:7119)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7119 advisory. - mysql: Server: DML unspecified vulnerability CPU Oct 2021 CVE-2021-2478, CVE-2021-2479, CVE-2021-35591, CVE-2021-35607 - mysql: Server: Optimizer...

CVE-2022-35648

CVE-2022-35648 affects Nautilus treadmills, specifically T616 (S/N 100672PRO21140001–100672PRO21171980) and T618 (S/N 100647PRO21130111–100647PRO21183960) with software prior to 2022-06-09. The vulnerability allows a physically proximate attacker to cause a denial of service (fall) by connecting ...

CVE-2021-35648 affecting package mysql for versions less than 8.0.28-1

CVE-2021-35648 affecting package mysql for versions less than 8.0.28-1. An upgraded version of the package is available that resolves this issue...

Photon OS 3.0: Mysql PHSA-2021-3.0-0327

An update of the mysql package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0327. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

CVE-2021-35648 affecting package mysql 8.0.26-2

CVE-2021-35648 affecting package mysql 8.0.26-2. An upgraded version of the package is available that resolves this issue...

Ubuntu: Security Advisory (USN-5123-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-35648

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2021-35648 vulnerabilities

Vulnerabilities for packages: mysql...

CVE-2021-35648

CVE-2021-35648 affects Oracle MySQL Server (Server: FTS) prior to 8.0.28-1, allowing a high-privileged attacker with network access to cause a denial-of-service (hang/crash) via the FTS path. Affected versions include 8.0.26 and earlier. Remediation noted in connected data: upgrade to 8.0.28-1 or...

CVE-2021-35648

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2021-35648

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...