30 matches found
CVE-2026-31871 Parse Server has a SQL Injection via dot-notation sub-key name in `Increment` operation on PostgreSQL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.5 and 8.6.31, a SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g.,...
Linux Distros Unpatched Vulnerability : CVE-2026-2006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun...
Linux Distros Unpatched Vulnerability : CVE-2019-2758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior...
Linux Distros Unpatched Vulnerability : CVE-2020-14828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
mysql: MySQL Server: Denial of Service (DoS) via network access by a high privileged attacker
A flaw was found in MySQL Server. This vulnerability allows a high privileged attacker with network access via multiple protocols to cause a hang or frequently repeatable crash (complete Denial of Service, DoS)...
PT-2024-39057 · Franklin Fueling Systems · Ts-550 Evo
Name of the Vulnerable Software and Affected Versions: Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 Description: The issue allows an attacker to read a file arbitrarily, potentially obtaining administrator credentials. Recommendations: For Franklin Fueling Systems TS-550 EVO...
AZL-50529 CVE-2024-21160 affecting package mysql for versions less than 8.0.40-1
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
PT-2024-3990
Name of the Vulnerable Software and Affected Versions: Progress Telerik Report Server versions 2024 Q1 10.0.24.305 or earlier Description: The issue is related to an authentication bypass vulnerability in Progress Telerik Report Server, allowing an unauthenticated attacker to gain access to...
PT-2024-18730 · Samsung · Galaxy Store
Name of the Vulnerable Software and Affected Versions: Galaxy Store versions prior to 4.5.63.6 Description: The issue allows local attackers to access sensitive information via implicit intent. This is due to an implicit intent hijacking vulnerability in the SamsungAccount component of the Galaxy...
PT-2023-8450 · Ilias · Ilias
Name of the Vulnerable Software and Affected Versions: ILIAS versions prior to 7.23; ILIAS versions 8 prior to 8.3 Description: The issue is related to the incorrect implementation of the sequence of actions in the ILIAS learning management system. It allows a remote attacker to execute arbitrary...
SUSE CVE-2020-14793
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
PT-2023-32197 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: gpac versions prior to 2.3.0-DEV Description: The issue is related to a NULL Pointer Dereference in the GitHub repository gpac/gpac. Recommendations: For versions prior to 2.3.0-DEV, update to version 2.3.0-DEV or later to resolve the issue...
Plone Cross-Site Scripting Vulnerability
Plone is an open source content management system (CMS) built on the Zope application server. A cross-site scripting vulnerability exists in versions prior to plone.namedfile 5.6.1, 6.0.3, 6.1.3, and 6.2.1, which stems from a security issue with SVG images that was not fully fixed by previous...
PT-2023-22892 · Unknown · Libsec-Ril
Name of the Vulnerable Software and Affected Versions: libsec-ril versions prior to SMR Aug-2023 Release 1 Description: The issue is related to an out-of-bounds write in the DoOemFactorySendFactoryBypassCommand of libsec-ril, allowing a local attacker to execute arbitrary code. Recommendations: F...
PT-2023-17110 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2022.3.13 and prior Description: The issue allows users with restricted rights to bypass entry permission via id collision when importing or synchronizing entries in the User vault. Recommendations: For Devolutions...
PT-2023-33369 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: The issue concerns the protection of tpm pm suspend with locks. It was introduced in version v5.1 and fixed in Linux Kernel version v5.4.226. The actual impact and attack plausibility have...
mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
AZL-7741 CVE-2022-21368 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
AZL-7722 CVE-2022-21332 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...
AZL-7695 CVE-2022-21279 affecting package mysql for versions less than 8.0.28-1
Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...