87 matches found
Improper Encoding or Escaping of Output
Overview: symfony/symfony is a PHP framework for web applications and a set of reusable PHP components. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the UrlGenerator due to incorrectly encoding chained dot-segments ../ or ./. The legacy...
MiracleLinux 9 : php-8.0.13-2.el9 (AXSA:2022-4033:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4033:02 advisory. php: password of excessive length triggers buffer overflow leading to RCE CVE-2022-31626 Tenable has extracted the preceding description block directly from...
CVE-2025-13644
MongoDB Server may experience an invariant failure during batched delete operations when handling documents. The issue arises when the server mistakenly assumes the presence of multiple documents in a batch based solely on document size exceeding BSONObjMaxSize. This issue affects MongoDB Server...
CVE-2025-13644
The CVE-2025-13644 issue affects MongoDB Server and stems from an invariant failure during batched delete operations. The server may misinterpret a batch as containing multiple documents when the document size exceeds BSONObjMaxSize, leading to incorrect handling of the batch. Affected versions i...
Linux Distros Unpatched Vulnerability : CVE-2019-2507
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 a...
Linux Distros Unpatched Vulnerability : CVE-2019-2529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 a...
Linux Distros Unpatched Vulnerability : CVE-2019-2534
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.42 and prior, 5.7.24...
Amazon Linux 2 : php (ALASPHP8.0-2023-001)
The version of php installed on the remote host is prior to 8.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2PHP8.0-2023-001 advisory. A flaw was found in php. The main cause of this vulnerability is improper input validation while parsing an Extensible Markup...
SUSE CVE-2019-2482
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: PS. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
SUSE CVE-2019-2507
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol...
SUSE CVE-2019-2513
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Shell. Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server...
SUSE CVE-2019-2530
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
SUSE CVE-2019-2529
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...
SUSE CVE-2019-2534
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco...
SUSE CVE-2019-2536
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Packaging. Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MyS...
GHSA-V5RQ-W2XM-7G5F Improper Access Control in MySQL Connector Python
Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Python. Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connector...
Security fix for the ALT Linux 10 package php8.0 version 8.0.13-alt1
8.0.13-alt1 built Dec. 1, 2021 Anton Farygin in task 290330 Nov. 20, 2021 Anton Farygin - 8.0.13 Fixes: CVE-2021-21707...
PHP 8.0.x < 8.0.13
The version of PHP installed on the remote host is prior to 8.0.13. It is, therefore, affected by a vulnerability as referenced in the Version 8.0.13 advisory. - In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file,...
CVE-2019-2530
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
Fedora 30 : phpMyAdmin (2019-6404181bf9)
Upstream announcement : Welcome to phpMyAdmin 4.9.1, a bugfix release. This is a regularly-scheduled bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for thi...