CVE-2019-12264
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component...
EUVD-2022-33607
Malicious code in bioql PyPI...
EUVD-2021-31533
Malicious code in bioql PyPI...
CVE-2021-2221
Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Client. The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global...
PT-2024-8601 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server (affected versions not specified). Description: The issue is related to a memory use after free vulnerability in the Microsoft SQL Server Native Client component. This could allow a remote attacker to execute arbitrary code...
CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...
RHEL 9 : kernel (RHSA-2023:7749)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7749 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free vulnerability i...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-385)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-385 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting (CVE-2022-48628). A use-after-free vulnerability in the Linux kernel's netfilter:...
CVE-2023-5345
A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3_fs_context_parse_param, ctx->password was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their...
AZL-31149 CVE-2023-5345 affecting package kernel for versions less than 5.15.135.1-2
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading pas...
ICEPAY REST API for .NET security vulnerability
ICEPAY REST API for .NET is an ICEPAY open source REST API client for .NET developers. A security vulnerability exists in ICEPAY REST API for .NET version 0.9, which stems from a security issue in the function RestClient in the file Classes/RestClient.cs in the component Checksum Validation, whic...
MariaDB 5.5.0 < 5.5.61 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.61 advisory. - Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected ar...
Oracle MySQL security vulnerability
Oracle MySQL Server is a relational database from Oracle Corporation. An information disclosure vulnerability exists in the Shell: Core Client component of Oracle MySQL Shell. An attacker can exploit this vulnerability to corrupt the MySQL Shell and gain unauthorized access to a subset of MySQL...
CVE-2021-44718
wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle (MITM) position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers...
CVE-2022-32962
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service...
CVE-2020-28961
Perfex CRM v2.4.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component ./clients/client via the company name parameter...
CVE-2021-35650
Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Client. The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle Secure Global Deskto...
Oracle Secure Global Desktop has an unspecified vulnerability (CNVD-2021-54714)
Oracle Secure Global Desktop is a secure remote access solution for any cloud-hosted enterprise applications and hosted desktops running on Microsoft Windows, Linux, Oracle Solaris, and mainframe servers. A security vulnerability exists in the Client component in version 5.6. An attacker could...