174 matches found
CVE-2026-11793 389-ds-base: 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...
CVE-2026-8063
An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017762)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017762 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...
Astra Linux – Vulnerability in Redis
Redis is an in-memory database that persists data on disk. Starting from version 7.0.8 and before version 7.0.10, authenticated users could use the MSETNX command to trigger a runtime assertion and terminate the Redis server process. This issue was fixed in Redis version 7.0.10...
Linux Distros Unpatched Vulnerability : CVE-2026-22009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and...
CVE-2026-34303
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
CVE-2026-34270
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the server to hang or crash repeatedly by sending crafted requests over the network while authenticated with high privileges...
DEBIAN-CVE-2026-32854
LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...
CVE-2026-22773
A flaw was found in vLLM, an inference and serving engine for large language models LLMs. A remote attacker can exploit this vulnerability by sending a specially crafted 1x1 pixel image to a vLLM engine serving multimodal models that use the Idefics3 vision model implementation. This leads to a...
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2026-21929
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 9.0.0-9.5.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
Oracle MySQL security vulnerabilities
Oracle MySQL is an open-source relational database management system developed by Oracle Corporation in the United States. The MySQL Server is one of the database server components of Oracle MySQL. There were security vulnerabilities in the MySQL Server versions 9.0.0 to 9.5.0 of Oracle MySQL...
mysql: InnoDB unspecified vulnerability (CPU Oct 2025)
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Redis: Redis is vulnerable to DoS via specially crafted LUA scripts
A vulnerability was found in Redis where an authenticated user to run a crafted Lua script that can read out‑of‑bounds memory or crash the server, leading to information disclosure and denial of service...
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
...
EUVD-2019-19180
Malware in sbrugna...
EUVD-2002-2125
Malware in sbrugna...
EUVD-2003-1461
Malware in sbrugna...
EUVD-2022-7432
Malicious code in bioql PyPI...