Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system with a Java VM component that supports running Java programs in the database. A data disclosure vulnerability exists in Oracle Database Server. The vulnerability arises from a failure of the Java VM component to properly handle a...

CVE-2025-40027

In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9fdcancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 1 PREEMPT SMP KASAN NOPTI KASAN: maybe wild-memory-access...

EUVD-2013-2732

Malware in sbrugna...

skopeo security update

An update is available for skopeo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The skopeo command lets you inspect images from container image registries, ge...

golang security update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

AZL-66665 CVE-2025-38666 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine aarpproxyprobenetwork sends a probe, releases the aarplock, sleeps, then re-acquires the lock. During that window an expire timer thread...

Linux Distros Unpatched Vulnerability : CVE-2025-22871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server ...

CLSA-2025-1753298320 kernel: Fix of 16 CVEs

Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 - NFSv4/pnfs: Fix a use-after-free bug in open CVE-2022-50072 - NFSv4: Don't hold the layoutget locks across multiple RPC calls CVE-2022-50072 - net: qrtr: start MHI channel after endpoit creation CVE-2022-50044 - tty: ngsm: add sanity...

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

Sensitive headers incorrectly sent after cross-domain redirect in net/http

...

The vulnerability of the Java VM component of the Oracle Database Server system allows a hacker to trigger a service failure.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures using the Oracle Net protocol...

SUSE-SU-2024:2894-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe bsc1220952. - CVE-2021-47103: net: sock: preserve kabi for sock bsc1221010. - CVE-2021-47186: tipc:...

PT-2023-9588 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.24 Oracle Database Server versions 21.3 through 21.15 Oracle Database Server versions 23.4 through 23.5 Description: The issue is related to insufficient protection of internal data due to...

The vulnerability of the Oracle XML DB component of the Oracle Database Server database management system allows a perpetrator to execute arbitrary code.

The vulnerability of the Oracle XML DB component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the Oracle Net protocol...

The vulnerability of the Java VM component of the Oracle Database Server system allows a hacker to cause partial service disruption.

The vulnerability of the Java VM component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a partial service failure using the Oracle Net network protocol...

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to cause a service failure.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a complete service outage using the Oracle Net protocol...

The vulnerability of the Oracle XML DB component of the Oracle Database Server database management system allows a perpetrator to execute arbitrary code.

The vulnerability of the Oracle XML DB component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the Oracle Net protocol...

The vulnerability of the net/http/httputil component in the Golang programming language allows a attacker to compromise data integrity.

The vulnerability of the net/http/httputil component in the Golang programming language is related to authentication errors. Exploiting this vulnerability allows an attacker to compromise data integrity...

GSD-2022-1000309 net: ieee802154: at86rf230: Stop leaking skb's

net: ieee802154: at86rf230: Stop leaking skb's This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.268 by commit...