Lucene search
K

4780 matches found

RedHat Linux
RedHat Linux
added 2026/03/10 8:35 a.m.2 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00337EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.5 views

RHEL 10 : mysql8.4 (RHSA-2026:4162)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4162 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and...

6.5CVSS7.2AI score0.00337EPSS
Exploits0References15
OSV
OSV
added 2026/03/10 12:0 a.m.4 views

ALSA-2026:4162 Moderate: mysql8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: mysql:...

6.5CVSS5.8AI score0.00337EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2026/03/07 12:25 a.m.4 views

SUSE CVE-2026-29074

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...

7.5CVSS5.7AI score0.00612EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/03/06 2:37 p.m.9 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS5.8AI score0.00102EPSS
Exploits0References1
NVD
NVD
added 2026/03/06 8:16 a.m.9 views

CVE-2026-29074

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...

7.5CVSS0.00612EPSS
Exploits1References28
OSV
OSV
added 2026/03/06 7:23 a.m.2 views

CVE-2026-29074 SVGO: DoS through entity expansion in DOCTYPE (Billion Laughs)

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...

7.5CVSS5.7AI score0.00612EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/06 7:23 a.m.3 views

CVE-2026-29074 SVGO: DoS through entity expansion in DOCTYPE (Billion Laughs)

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansi...

7.5CVSS5.7AI score0.00612EPSS
Exploits1References1
CVE
CVE
added 2026/03/06 7:23 a.m.73 views

CVE-2026-29074

CVE-2026-29074 affects SVGO (SVG Optimizer), a Node.js library/CLI for optimizing SVGs. Versions 2.1.0–before 2.8.1, 3.0.0–before 3.3.3, and before 4.0.1 accept XML with custom entities without guards against entity expansion/recursion, enabling DoS via entity expansion that can stall or crash th...

7.5CVSS5.7AI score0.00612EPSS
Exploits1References28Affected Software1
CNNVD
CNNVD
added 2026/03/06 12:0 a.m.9 views

SVGO 安全漏洞

SVGO is an open-source SVG file optimization tool. Versions of SVGO prior to 2.1.0, 2.8.1, 3.0.0, 3.3.3, and 4.0.1 have security vulnerabilities due to insufficient protection against entity expansion when processing XML custom entities, which may lead to denial-of-service attacks...

7.5CVSS7.1AI score0.00612EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2026-005905)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005905 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...

4.9CVSS5.8AI score0.00533EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.9 views

Dell Optimizer 6.x < 6.3.1.0 Privilege Escalation (DSA-2026-094)

The version of Dell Optimizer installed on the remote host is 6.x prior to 6.3.1.0. It is, therefore, affected by a vulnerability: - An improper link resolution before file access vulnerability that could allow a low privileged attacker with local access to exploit this vulnerability, leading to...

7.8CVSS5.8AI score0.00165EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2026-005904)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005904 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...

4.9CVSS5.8AI score0.00533EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/05 3:30 p.m.5 views

EUVD-2026-9822

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS6AI score0.00102EPSS
Exploits0References5
NVD
NVD
added 2026/03/05 3:16 p.m.13 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

7.8CVSS0.00102EPSS
Exploits0References3
NVD
NVD
added 2026/03/05 3:16 p.m.8 views

CVE-2026-27749

Avira Internet Security contains a deserialization of untrusted data vulnerability in the System Speedup component. The Avira.SystemSpeedup.RealTimeOptimizer.exe process, which runs with SYSTEM privileges, deserializes data from a file located in C:\ProgramData using .NET BinaryFormatter without...

7.8CVSS0.00323EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/05 2:15 p.m.3 views

CVE-2026-27750 Avira Internet Security Optimizer TOCTOU

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS5.8AI score0.00102EPSS
Exploits0References4
CVE
CVE
added 2026/03/05 2:15 p.m.25 views

CVE-2026-27750

Avira Internet Security is affected by a TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and later deletes them in a separate cleanup phase without revalidating the target path. An local attacker could ...

8.5CVSS6AI score0.00102EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/05 2:15 p.m.29 views

CVE-2026-27750 Avira Internet Security Optimizer TOCTOU

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

7.8CVSS0.00102EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/05 2:15 p.m.8 views

CVE-2026-27750

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS6AI score0.00102EPSS
Exploits0References5
Rows per page
Query Builder