24 matches found
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...
mysql: InnoDB unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
SUSE CVE-2026-41284
Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versions may also be affected. Users are recommended to upgrade ...
GHSA-FV25-8XCX-GQJC Apache Tomcat - WebSocket authentication header exposure
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21 Apache Tomcat 10.1.0-M1 to 10.1.54 Apache Tomcat 9.0.2 to 9.0.117 Older, unsupported versions may also be affected Description: If a WebSocket request was redirected after authentication, Tomcat's WebSocket client would present the most recent...
Security Bulletin: IBM Maximo Application Suite - Predict Component uses cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-39892
Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-39892. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-39892...
mysql: Optimizer unspecified vulnerability (CPU Jan 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network...
Security Bulletin: IBM Edge Data Collector uses virtualenv-20.26.6-py3-none-any.whl which is vulnerable to CVE-2026-22702.
Summary IBM Edge Data Collector uses virtualenv-20.26.6-py3-none-any.whl which is vulnerable to CVE-2026-22702. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22702 DESCRIPTION: virtualenv is a tool for creating isolated virtual python...
CVE-2026-24733 Apache Tomcat: Security constraint bypass with HTTP/0.9
Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a specification inval...
CVE-2026-21952
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
CVE-2026-21948
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...
CVE-2026-21936
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Security Bulletin: IBM Maximo Application Suite - Predict Component uses bcpkix-jdk18on-1.78.1.jar which is vulnerable to CVE-2025-8916
Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses bcpkix-jdk18on-1.78.1.jar which is vulnerable to CVE-2025-8916. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of...
mysql: DML unspecified vulnerability (CPU Oct 2025)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
mysql: InnoDB unspecified vulnerability (CPU Oct 2025)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Security Bulletin: IBM Edge Data Collector uses crossbeam-channel-0.5.14.crate which is vulnerable to CVE-2025-4574.
Summary IBM Edge Data Collector uses crossbeam-channel-0.5.14.crate which is vulnerable to CVE-2025-4574. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-4574 DESCRIPTION: In crossbeam-channel rust crate, the internal Channel type's...
CVE-2025-53054
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...
BIT-TOMCAT-2025-48989 Apache Tomcat: h2 DoS - Made You Reset
Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache Tomcat: from 11.0.0 through 11.0.9, from 10.1.0 through 10.1.43 and from 9.0.0 through 9.0.107. Older, EOL versions may also be affected. Users are...
Apache Tomcat Session Fixation vulnerability
Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 ...
UBUNTU-CVE-2024-21272
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.0.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors...