CVE-2026-45278

Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version 8.2.2, an attacker can craft links that would redirect users to another website, when the victim uses the attackers link to log in via user OIDC. This issue has been patched in version 8.2.2...

CVE-2026-45278

Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version 8.2.2, an attacker can craft links that would redirect users to another website, when the victim uses the attackers link to log in via user OIDC. This issue has been patched in version 8.2.2...

Nextcloud user_oidc: Input validation error vulnerability

Nextcloud useroidc is an application developed by the German company Nextcloud. In versions 6.1.0 to 8.2.2, there was a vulnerability related to input validation errors. This vulnerability stemmed from improper redirection handling, which could allow attackers to create links that redirect users ...

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. Versions 8.2.1 and earlier allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, triggering a use-after-free and potentially leading to remote code execution. This issue exists...

Astra Linux - уязвимость в redis

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting...

Astra Linux - уязвимость в redis

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions o...

BIT-MONGODB-2026-5170 Users could trigger a crash of mongod primaries during promotion to sharded

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

CVE-2026-5170

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

Users could trigger a crash of mongod primaries during promotion to sharded

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

CVE-2026-5170 Users could trigger a crash of mongod primaries during promotion to sharded

A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006135 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006168)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006168 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis (UTSA-2026-005347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005347 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to caus...

Security Bulletin: Vulnerabilities in Apache Commons Lang affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary Vulnerabilities in Apache Commons Lang affect IBM® Db2® Big SQL 8.2.1 on IBM Cloud Pak for Data 5.2.1 and earlier. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

K000159544: Redis Lua vulnerability CVE-2025-49844

Security Advisory Description Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution...

CVE-2021-2110

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications component: Letters. The supported version that is affected is 8.2.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the...

Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

Dell PowerScale OneFS 8.2.2 <= 9.7.0.3 / 9.8.0.0 < 9.8.0.1 Improper Privilege Management (DSA-2024-255)

The Dell PowerScale OneFS on the remote device is missing a security patch and is, therefore, affected by improper privilege management vulnerability. - Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker...

TencentOS Server 3: redis:6 (TSSA-2025:0931)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0931 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

PT-2025-44989

Name of the Vulnerable Software and Affected Versions Redis versions 8.2.0 through 8.2.2 Description Redis, an open-source, in-memory database, contains a stack buffer overflow issue in the XACKDEL command when handling multiple IDs. Successful exploitation of this issue may allow a remote attack...