13 matches found
CLSA-2025-1766409829 mysql: Fix of 33 CVEs
Update to MySQL 8.0.44 CVE-2025-53069 CVE-2025-53042 CVE-2025-53053 CVE-2025-53062 CVE-2025-53044 CVE-2025-53040 CVE-2025-53054 CVE-2025-53045 - MySQL 8.0.43 CVE-2025-50078 CVE-2025-50082 CVE-2025-50083 CVE-2025-50085 CVE-2025-50077 CVE-2025-50088 CVE-2025-50092 CVE-2025-50099 CVE-2025-50086...
Oracle MySQL Cluster 9.x.x < 9.5.0 (October 2025 CPU)
The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General libxml2. Easily exploitable vulnerability allows...
SUSE: Security Advisory (SUSE-SU-2025:03198-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for curl
This update for curl fixes the following issues: Update to version 8.14.1 jscPED-13055, jscPED-13056. Security issues fixed: CVE-2025-0665: eventfd double close can cause libcurl to act unreliably bsc1236589. CVE-2025-4947: QUIC certificate check is skipped with wolfSSL allows for MITM attacks...
Linux Distros Unpatched Vulnerability : CVE-2025-5399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop...
curl-8.14.1-4.1 on GA media (moderate)
curl-8.14.1-4.1 on GA media Announcement ID: openSUSE-SU-2025:15213-1 Rating: moderate Cross-References: CVE-2025-5399 CVSS scores: CVE-2025-5399 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-5399 SUSE : 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affect...
Curl 8.13.0 < 8.14.1 DoS (CVE-2025-5399)
The version of Curl installed on the remote host is is missing security update. It is, therefore, affected by a denial of service vulnerability. - Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless...
CVE-2025-5399
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...
CVE-2025-5399
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...
CVE-2025-5399
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...
CVE-2025-5399 WebSocket endless loop
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...
CVE-2025-5399
CVE-2025-5399 affects libcurl’s WebSocket handling. The defect in curl_ws_send/curl WebSocket code can cause a malicious server to trigger an endless busy-loop, leading to denial of service as the application hangs until process termination. Public details confirm the issue arises from a WebSocke...
CVE-2025-5399
Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...