mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

mariadb: assertion failure in compare_order_elements

A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/sqlwindow.cc, impacting availability...

mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order

A flaw was found in MariaDB. A segmentation fault via the component, Itemfield::usedtables/updatedependmapfororder, impacts availability...

mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc

A flaw was found in the MariaDB Server. It contains a use-after-free in the component, VDec::VDec at /sql/sqltype.cc, affecting availability...

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

Moderate: Red Hat Security Advisory: mariadb:10.5 security, bug fix, and enhancement update

An update for the mariadb:10.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

mariadb: assertion failure in sql/item_cmpfunc.cc

A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/itemcmpfunc.cc, affecting availability...

RHEL 8 : mariadb:10.5 (RHSA-2022:5826)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5826 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2022-2136)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2022-2136)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile...

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2022-2161)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile...

mariadb: assertion failure in compare_order_elements

A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/sqlwindow.cc, impacting availability...

mariadb: assertion failure in VDec::VDec at /sql/sql_type.cc

A flaw was found in the MariaDB Server. It contains a use-after-free in the component, VDec::VDec at /sql/sqltype.cc, affecting availability...

mariadb: assertion failure in sql/item_cmpfunc.cc

A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/itemcmpfunc.cc, affecting availability...

mariadb: assertion failure in sql/item_func.cc

A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/itemfunc.cc:148, affecting availability...

mariadb: crash in multi-update and implicit grouping

An assertion failure was found in the MariaDB Server. This issue is via, 'node-pcur-relpos == BTRPCURON' at /row/row0mysql.cc, affecting availability...

mariadb: assertion failure via component Item_field::used_tables/update_depend_map_for_order

A flaw was found in MariaDB. A segmentation fault via the component, Itemfield::usedtables/updatedependmapfororder, impacts availability...

Authorization Bypass

drupal7 is vulnerable to authorization bypass. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to an assertion failure. Exploiting this vulnerability is only possible if the SQLite instance was compiled with -DSQLITEENABLESTAT4. PoC sql CREATE TABLE t0 c0 INT, c1 INT PRIMARY KEY WITHOUT ROWID; INSERT INT...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2022-2111)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...