Oracle REST Data Services 安全漏洞

Oracle REST Data Services is a middleware tool provided by Oracle, Inc., in the United States, that exposes features of the Oracle database to applications through RESTful APIs. Versions 24.2.0 to 26.1.0 of Oracle REST Data Services have security vulnerabilities. These vulnerabilities stem from...

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: mysqldump unspecified vulnerability CPU Apr 2025 CVE-2025-30722 mysql: Optimizer unspecified vulnerability CPU Apr 2025...

ALSA-2025:15699 Moderate: mysql-selinux and mysql8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: openssl:...

CVE-2025-53621 DSpace vulnerable to XML External Entity (XXE) injection in import via Simple Archive Format (SAF) or import from external sources

DSpace open source software is a repository application which provides durable access to digital resources. Two related XML External Entity XXE injection possibilities impact all versions of DSpace prior to 7.6.4, 8.2, and 9.1. External entities are not disabled when parsing XML files during impo...

Oracle Siebel CRM (April 2013 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2013 CPU advisory. - Vulnerability in the Siebel Enterprise Application Integration component of Oracle Siebel CRM subcomponent: Web Services. Supported versions that...

U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks

U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox...

OPENSUSE-SU-2017:3201-1 Security update for tor

This update for tor fixes vulnerabilities that allowed some traffic confirmation, DoS and other attacks bsc1070849: - CVE-2017-8819: Replay-cache ineffective for v2 onion services - CVE-2017-8820: Remote DoS attack against directory authorities - CVE-2017-8821: An attacker can make Tor ask for a...

Microsoft Windows system services privilege escalation

There are several local services SSDP Discovery service, Universal Plug and Play Host service allow any authenticated user to configure service. It makes it possible to specify executable file and elevate privilege to Local System. Also vulnerable: HP Software: "Pml Driver HPZ12" HP Printer...

Security Update for Excel Services for Microsoft Office SharePoint Server 2007 (KB979439), 64-bit Edition

A security vulnerability exists in Excel Services for Microsoft Office SharePoint Server 2007 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...