386 matches found
USN-8324-1 tika vulnerabilities
It was discovered that Apache Tika incorrectly handled XML external entities when parsing XFA content in PDF files. An attacker could possibly use this issue to obtain sensitive information or send malicious requests to internal resources or third-party servers...
Oracle MySQL Server InnoDB Component Denial of Service Vulnerability (CNVD-2026-18430)
Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from a flaw in the...
Oracle MySQL Server InnoDB Component Denial of Service Vulnerability (CNVD-2026-18431)
Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from an internal...
Oracle MySQL Server GIS Component Denial of Service Vulnerability
Oracle MySQL Server is an open source relational database management system with a GIS component that provides geospatial data processing capabilities. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the GIS component to properly handle a...
Oracle MySQL Server DML Component Denial of Service Vulnerability
Oracle MySQL Server is an open source relational database management system for storing, querying and managing data. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the Server: DML component to properly handle a specific request and can b...
Oracle MySQL Server Optimizer Denial of Service Vulnerability (CNVD-2026-18578)
Oracle MySQL Server is an open source relational database management system for storing, managing and retrieving data. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the Server: Optimizer component to properly handle a specific request a...
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from an internal...
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is an open source relational database management system for storing, querying and managing data. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the Server: DML component to properly handle a specific request and can b...
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from a flaw in the...
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is an open source relational database management system with an InnoDB component that provides transaction-safe storage engine functionality. A denial of service vulnerability exists in the InnoDB component of Oracle MySQL Server. The vulnerability stems from a flaw in the...
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is an open source relational database management system that provides data storage, querying and management capabilities. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the Server: JSON component to properly handle...
Oracle MySQL Server Security Vulnerability
Oracle MySQL Server is an open source relational database management system with a GIS component that provides geospatial data processing capabilities. A denial of service vulnerability exists in Oracle MySQL Server. The vulnerability stems from a failure of the GIS component to properly handle a...
PT-2026-31762
OpenClaw before 2026.3.22 contains an unauthenticated resource exhaustion vulnerability in voice call webhook handling that buffers request bodies before provider signature checks. Attackers can send large or malicious webhook requests to exhaust server resources without authentication by bypassi...
PT-2026-29894
HiOS Switch Platform versions 09.1.00 prior to 09.4.05 and 10.3.01 contain a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboo...
Black Input Validation Error Vulnerability
Black is a Python code formatter developed by the Python Software Foundation. Versions of Black prior to 26.3.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from the ability for malicious pull requests to configure the use of malicious repository URLs,...
Frappe Code Issue Vulnerability
Frappe is a web development framework based on Python and MariaDB, with integrated front-end pages, developed by the Indian company Frappe. There are code-related vulnerabilities in versions prior to Frappe 14.100.1, 15.100.0, and 16.6.0. These vulnerabilities allow malicious requests to cause th...
PT-2026-23027
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified). Description: A flaw exists in the VPN web services component that may allow a remote attacker t...
CVE-2019-25451
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...
CVE-2025-59895
Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...