5 matches found
CVE-2025-12817
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before...
CVE-2025-50095
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...
Cisco Nexus Devices Python Subsystem Local Privilege Escalation Vulnerabilities
Multiple privilege escalation vulnerabilities in the Python subsystem of Cisco Nexus devices running Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges. The vulnerabilities are due to insufficient hardening of the operating system on which NX-OS is...
Cisco Headend Digital Broadband Delivery System Cross-Site Scripting Vulnerability
A vulnerability in the web-based administration interface of the Cisco Headend Digital Broadband Delivery System could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack on the affected device. The vulnerability is due to improper input validation of certain...
Cisco Unified Communications Manager Java Class File Availability Vulnerability
A vulnerability in the administration interface of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to access Java class files. The vulnerability is due to insufficient authentication enforcement. An attacker could exploit this vulnerability by...