53 matches found
UBUNTU-CVE-2026-54502
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fillindent in dump.h calls memsetindentstr, ' ', sizetopts-indent without...
CVE-2026-54502
Oj (Optimized JSON) is a Ruby gem that provides a JSON parser and object marshaller. Vulnerability: in versions prior to 3.17.2, Oj.dump can trigger a stack-based buffer overflow when a very large indent value is used. The root cause is fill_indent in dump.h calling memset(indent_str, ' ', (size_...
PT-2026-51064
Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description Oj.dump is subject to a stack-based buffer overflow when a large :indent value is provided. The fill indent function in dump.h utilizes memset to fill a buffer without validating the size of the indent...
Important: vim
Issue Overview: When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctl...
MiracleLinux 8 : mariadb:10.11 (AXSA:2026-413:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-413:01 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...
mariadb-devel:10.3 security update
An update is available for asio, galera, Judy, module.asio, mariadb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a multi-user, multi-threaded SQL...
Important: Red Hat Security Advisory: mariadb-devel:10.3 security update
An update for the mariadb-devel:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
RHEL 9 : mariadb:10.11 (RHSA-2026:0334)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0334 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump...
MiracleLinux 9 : mariadb-10.5.29-3.el9_7 (AXSA:2026-010:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-010:01 advisory. mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 Tenable has extracted the preceding...
mariadb:10.3 security update
An update is available for module.mariadb, galera, Judy, module.galera, mariadb, module.Judy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a...
Important: Red Hat Security Advisory: mariadb:10.11 security update
An update for the mariadb:10.11 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: mariadb:10.11 security update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...
RHEL 10 : mariadb10.11 (RHSA-2026:0136)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0136 advisory. MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation...
EUVD-2025-204966
MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MariaDB. Interaction with the mariadb-dump utility is required to exploit this vulnerability but attack vectors m...
galera and mariadb security update
An update is available for galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Galera is a fast synchronous multimaster wsrep provider replication engine for...
ALSA-2025:19584 Moderate: galera and mariadb security update
Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see repository. For a description of Galera replication engine see web. Security Fixes: mysql: High Privilege Denial of Service...
Medium: postgresql
Issue Overview: Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected...
EUVD-2019-6848
Malware in sbrugna...
ROS-20250923-09
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
ROS-20250912-03
Vulnerability of pgdump utility of PostgreSQL database management system is related to failure to take measures to protect SQL query structure. protection of SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code...