mysql: mariadb: High Privilege Denial of Service Vulnerability in MySQL Server (CPU Jan 2025)

A flaw was found in the MySQL Server component: InnoDB. This vulnerability allows a high-privileged attacker to cause a denial of service, which causes frequent crashes or hangs, via multiple network protocols...

mysql: mariadb: High Privilege Denial of Service Vulnerability in MySQL Server (CPU Jan 2025)

A flaw was found in the MySQL Server component: InnoDB. This vulnerability allows a high-privileged attacker to cause a denial of service, which causes frequent crashes or hangs, via multiple network protocols...

CVE-2026-21855 Tarkov Data Manager has Unauthenticated Reflected XSS

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting XSS vulnerability in the toast notification system allows any attacker to execute arbitrary JavaScript in the context of a victim's browser session by crafting a malicious...

CVE-2026-21855

The CVE-2026-21855 entry concerns Tarkov Data Manager. A reflected XSS in the toast notification system allowed an attacker to execute arbitrary JavaScript in a victim’s browser session via a crafted URL, affecting versions prior to 02 January 2025. A series of fix commits on 02 January 2025 addr...

CVE-2026-21854

CVE-2026-21854 affects the Tarkov Data Manager. The vulnerability is an authentication bypass in the login endpoint, enabling unauthenticated access to the admin panel via a JavaScript prototype property access vulnerability combined with loose equality type coercion. Affected are versions prior ...

EUVD-2026-1399

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows any unauthenticated user to gain full admin access to the Tarkov Data Manager admin panel by exploiting a JavaScript prototype property...

CVE-2026-21854 Tarkov Data Manager Authentication Bypass vulnerability

The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, an authentication bypass vulnerability in the login endpoint allows any unauthenticated user to gain full admin access to the Tarkov Data Manager admin panel by exploiting a JavaScript prototype property...

PT-2026-2102

Name of the Vulnerable Software and Affected Versions Tarkov Data Manager versions prior to 02 January 2025 Description The Tarkov Data Manager, a tool for managing Tarkov item data, contains an authentication bypass issue in the login endpoint. This allows any unauthenticated user to gain full...

CVE-2025-23050

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...

Pixel Watch Security Bulletin—January 2025Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Watch Security Bulletin contains details of security vulnerabilities affecting Pixel Watch devices Google Devices. For Google devices, security patch levels of 2025-01-01 or later address all issues in this bulletin and all issues in the January 2025 Android Security Bulletin and all...

Exploit for Use After Free in Microsoft

🛑 CVE-2025-21298 – Critical Zero-Click RCE in Microsoft Window...

Oracle Java SE Multiple Vulnerabilities (January 2025)

Oracle Java SE Multiple Vulnerabilities January 2025 CVE-2025-0509 CVSS 3.1 Base Score 7.3 CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H Brocade SANnav not affected: VEX Justification: Vulnerablecodenotpresent CVE-2025-21502 CVSS 3.1 Base Score 4.8 CVSS Vector:...

CVE-2024-4982

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server...

Oracle Access Manager (April 2025 CPU)

The 12.2.1.4.0 versions of Access Manager installed on the remote host are affected by a vulnerability as referenced in the April 2025 CPU advisory. - Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Proxy Apache Mina. The supported version that is affecte...

April 16, 2025—KB5059092 (OS Build 20348.3566) Out-of-band

April 16, 2025—KB5059092 OS Build 20348.3566 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2022, see its update history page.Be sure to follow @WindowsUpdate to find out when n...

April 11, 2025—KB5058920 (OS Build 20348.3561) Out-of-band

April 11, 2025—KB5058920 OS Build 20348.3561 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2022, see its update history page.Be sure to follow @WindowsUpdate to find out when n...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM® Db2®. (January 2025 CPU)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7.1.5.24 and earlier, 8.0.8.35 and earlier, and IBM Semeru Version 21.0.5.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in January 2025. Vulnerability Details...

Security Update for Microsoft .NET 8 Core (January 2025)

The version of Microsoft .NET 8 Core installed on the remote host is prior to 8.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET and Visual Studio Remote Code Execution Vulnerability CVE-2025-21172 - .NET Elevation of Privilege Vulnerabilit...

Important: Red Hat Security Advisory: mysql:8.0 security update

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated thi...

Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2025-1272)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...