212 matches found
mysql: InnoDB unspecified vulnerability (CPU Apr 2025)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
PT-2026-43419
Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7 macOS Sonoma versions prior to 14.8 macOS Tahoe versions prior to 26 Description A permissions issue exists where an application may be able to modify protected parts of the file system. Recommendations...
Linux Distros Unpatched Vulnerability : CVE-2022-21449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are...
Linux Distros Unpatched Vulnerability : CVE-2024-20932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions...
Linux Distros Unpatched Vulnerability : CVE-2024-21004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are...
Linux Distros Unpatched Vulnerability : CVE-2022-1434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacke...
Linux Distros Unpatched Vulnerability : CVE-2024-21012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versio...
Linux Distros Unpatched Vulnerability : CVE-2022-21496
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JNDI. Supported versions that are affected are Oracl...
PT-2025-33647 · Unknown · File Station 5
Name of the Vulnerable Software and Affected Versions: File Station 5 versions prior to 5.5.6.4933 Description: An out-of-bounds write vulnerability affects File Station 5. If a remote attacker gains a user account, they can exploit the vulnerability to modify or corrupt memory. Recommendations:...
Linux Distros Unpatched Vulnerability : CVE-2024-20969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior...
Linux Distros Unpatched Vulnerability : CVE-2023-21882
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily...
CVE-2025-55156 PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter addlinks in API /json/addpackage is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched ...
Linux Distros Unpatched Vulnerability : CVE-2022-21635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.29 and prior. Easily exploitable...
PT-2025-31735 · WordPress · Ultimate Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Ultimate Addons for Elementor versions up to and including 2.4.6 Description: The Ultimate Addons for Elementor plugin for WordPress contains a flaw that allows unauthorized data modification. A missing capability check within the save hfe...
CVE-2025-53964
Removed by vendor...
CVE-2025-50060
Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...
Oracle Fusion Middleware 访问控制错误漏洞
Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract or TarFile.extractall with the filte...
CVE-2025-4571
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized view and modification of data due to an insufficient capability check on the permissionsCheck functions in all versions up to, and including, 4.3.0. This makes it possible for authenticated...
Medium: perl-YAML-LibYAML
Issue Overview: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified CVE-2025-40908 Affected Packages: perl-YAML-LibYAML Issue Correction: Run dnf update perl-YAML-LibYAML --releasever 2023.7.20250623 or dnf update --advisory ALAS2023-2025-1036...