[SECURITY] Fedora 43 Update: mariadb11.8-11.8.5-1.fc43

MariaDB is a community developed fork from MySQL - a multi-user, multi-thread ed SQL database server. It is a client/server implementation consisting of a server daemon mariadbd and many different client programs and libraries. The base package contains the standard MariaDB/MySQL client programs...

EUVD-2007-4000

Malware in sbrugna...

EUVD-2024-16909

Malicious code in bioql PyPI...

EUVD-2025-30261

Malicious code in bioql PyPI...

CVE-2024-1137

The Proxy and Client components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Enterprise Edition contain a vulnerability that theoretically allows an Active Spaces client to passively observe data traffic to other clients. Affected releases are TIBCO Software Inc.'s TIBCO ActiveSpaces - Enterpris...

CVE-2024-40872

There is an elevation of privilege vulnerability in server and client components of Absolute Secure Access prior to version 13.07. Attackers with local access and valid desktop user credentials can elevate their privilege to system level by passing invalid address data to the vulnerable component...

Trend Micro Multiple Products Content Validation Escape Vulnerability

Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components...

@ist-group/skolid-client-components (>=0.7.0 <=0.10.2) potentially affected by unknown CVE via personnummer (=2.1.1)

personnummer NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on personnummer and may be impacted: - @ist-group/skolid-client-components =0.7.0, =0.10.2 Source cves: unknown CVE Source advisory: OSV:GHSA-VPGC-7H78-GX8F...

CVE-2020-5892

In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory...

mysql: Client programs unspecified vulnerability (CPU Apr 2018)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocol...

ALPINE-CVE-2018-3174

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the...

ALPINE-CVE-2017-3636

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server execut...

CVE-2014-1754

CVE-2014-1754 is a cross-site scripting (XSS) vulnerability affecting Microsoft SharePoint Server 2013 (Gold/SP1), SharePoint Foundation 2013 (Gold/SP1), Office Web Apps Server 2013 (Gold/SP1), and SharePoint Server 2013 Client Components SDK. The issue allows remote attackers to inject arbitrary...

CVE-2013-6024

The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow attackers to obtain sensitive information from process memory via unspecified vectors...

SOL14969 - BIG-IP Edge and FirePass client information leakage vulnerability CVE-2013-6024

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

httpd: Expect header XSS

httpprotocol.c in 1 IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and 2 Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site...

CVE-2007-2238

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control WhlMgr.dll, as used in Microsoft Intelligent Application Gateway IAG before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the 1 CheckForUpdates or 2 UpdateComponents methods...

Stack overflow

Multiple stack-based buffer overflows in the Whale Client Components ActiveX control WhlMgr.dll, as used in Microsoft Intelligent Application Gateway IAG before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the 1 CheckForUpdates or 2 UpdateComponents methods...

CVE-2007-2238

CVE-2007-2238 describes multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll) used by Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2. The vulnerabilities allow remote code execution when an attacker supplies overly long arguments to the ...

Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control stack buffer overflows

Overview The Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Whale Communications Intelligent...