21 matches found
Improper Control of Interaction Frequency
Overview: org.apache.cassandra:cassandra-all is a maven plugin for the Apache Cassandra Project, which develops a highly scalable second-generation distributed database, bringing together Dynamo's fully distributed design and Bigtable's ColumnFamily-based data model. Affected versions of this...
GHSA-FH34-C629-P8XJ Apache Cassandra has sensitive Information Leak in cqlsh
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via /.cassandra/cqlshhistory local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...
EUVD-2026-19763
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via /.cassandra/cqlshhistory local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...
CVE-2026-27315
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via /.cassandra/cqlshhistory local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...
CVE-2026-32588
The CVE affects Apache Cassandra (versions 4.0, 4.1, 5.0). A vulnerability in the Cassandra Query Language (CQL) path allows an authenticated user to repeatedly change passwords (ALTER ROLE) and trigger expensive authentication-table reads/writes, causing increased query latency and potential Den...
CVE-2026-27315 Apache Cassandra: cqlsh history sensitive information leak
Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via /.cassandra/cqlshhistory local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...
PT-2026-30915
Name of the Vulnerable Software and Affected Versions: Apache Cassandra versions 4.0 through 4.0.19. Description: Apache Cassandra's command-line tool, cqlsh, saves command history in the /.cassandra/cqlsh history file. This file does not redact sensitive information, meaning passwords used in cqlsh...
[SECURITY] [DLA 4373-1] libwebsockets security update
Debian LTS Advisory DLA-4373-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta November 17, 2025 https://wiki.debian.org/LTS ...
WordPress ColorMag Theme <= 4.0.19 is vulnerable to Broken Access Control
Software: ColorMag. Type: Theme. Vulnerable versions: <= 4.0.19. Fixed in: 4.0.20. OWASP Top 10: A5: Broken Access Control. Classification: Broken Access Control. CVE: CVE-2025-9202. Patch priority: Low. CVSS severity: Low (4.3). PSID: 43bacb806b7e. Credits: Dmitrii Ignatyev. Required privilege...
CVE-2025-26964
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Arraytics Eventin wp-event-solution allows PHP Local File Inclusion. This issue affects Eventin: from n/a through <= 4.0.20...
SUSE CVE-2019-11101
Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...
MongoDB DoS Vulnerability (SERVER-51083) - Linux
MongoDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
MongoDB 3.6 < 3.6.19, 4.0 < 4.0.20, 4.2 < 4.2.9 DoS Vulnerability - Linux
MongoDB is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
PT-2020-6164 · Mongodb +1 · Mongodb Server +2
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 3.6.21 MongoDB Server versions prior to 4.0.20 Description: A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries containing a type of regex. This iss...
Input validation
Insufficient input validation in Intel(R) DAL software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access...
Easy Discuss, 4.0.20, XSS
Easy Discuss by Stackideas, versions 4.0.20 and previous, XSS Resolution: update to 4.0.21 update notice: https://stackideas.com/blog/easydiscuss4021-update...
Oracle VirtualBox Local Denial of Service Vulnerability-01 (Oct 2013) - Windows
Oracle VirtualBox is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
MySQL < 4.0.20 File Overwrite
The version of MySQL installed on the remote host is older than 4.0.20. A local attacker could exploit a flaw in mysqlbug to overwrite arbitrary files via a symlink attack. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(17823); script_version("1.8"); script_cvs_date("Date:...
Gentoo Security Advisory GLSA 200409-02 (MySQL)
The remote host is missing updates announced in advisory GLSA 200409-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
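MySQL Security Invoker Privilege Escalation Vulnerability
MySQL is an open-source database program. MySQL does not correctly restore access privileges in some function procedures; a remote attacker can exploit the vulnerability to escalate privileges and carry out other attacks. No detailed vulnerability information is currently available. MySQL AB MySQL 5.1.17 MySQL AB MySQL 5.1.16 MySQL AB MySQL 5.1.15 MySQL AB MySQL 5.1.14 MySQL AB MySQL 5.1.13 MySQL AB MySQL 5.1.12 MySQL AB MySQL 5.1.11 MySQL AB MySQL 5.1.10 MySQL AB MySQL 5.1.9 MySQL AB MySQL 5.1...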