Astra Linux - уязвимость в php7.3

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16, and 8.2.X before 8.2.3, the passwordverify function may accept some invalid Blowfish hashes as valid. If such invalid hashes end up in the password database, it may allow an application to accept any password for that entry as valid...

Linux Distros Unpatched Vulnerability : CVE-2022-21484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and...

Linux Distros Unpatched Vulnerability : CVE-2023-21866

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...

BIT-LIBPHP-2023-0662 DoS vulnerability when parsing multipart request body

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU resources or disk space...

BIT-LIBPHP-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

Linux Distros Unpatched Vulnerability : CVE-2022-21423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.28 and prior. Easily exploitable...

Linux Distros Unpatched Vulnerability : CVE-2022-21605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Data Dictionary. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 5.7.37 and prior...

Linux Distros Unpatched Vulnerability : CVE-2022-21440

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PAM Auth Plugin. Supported versions that are affected are 8.0.28 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2022-21417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior...

Linux Distros Unpatched Vulnerability : CVE-2022-21479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...

CVE-2022-21490

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.35 and prior, 7.5.25 and prior, 7.6.21 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

CVE-2024-27981

The CVE-2024-27981 describes a Command Injection vulnerability in self-hosted UniFi Network Server software (Linux) running UniFi Network Application

CVE-2024-27981

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers Linux with UniFi Network Application Version 8.0.28 and earlier allows a malicious actor with UniFi Network Application Administrator credentials to escalate privileges to root on the host device. Affected Products:...

VulnCheck KEV: CVE-2023-31465

An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named argx, with x an integer starting from 1; it is possible...