149 matches found
Palo Alto Networks Prisma Browser 代码问题漏洞
Palo Alto Networks Prisma Browser is an enterprise-level security browser developed by Palo Alto Networks. There is a code vulnerability in Palo Alto Networks Prisma Browser, which stems from a race condition issue. This vulnerability may allow non-administrative users with local access to bypass...
BIT-MYSQL-CLIENT-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass
In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the statement is...
PT-2026-24610
In MariaDB server version through 11.8.5, when server audit plugin is enabled with server audit events variable configured with QUERY DCL, QUERY DDL, or QUERY DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the stateme...
PT-2026-24609
In MariaDB server version through 11.8.5, when server audit plugin is enabled with server audit events variable configured with QUERY DCL, QUERY DDL, or QUERY DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the stateme...
SUSE CVE-2026-3494
In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen - or hash style comments, the statement is...
ALPINE-CVE-2026-3494
In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the statement is...
CVE-2026-3494
In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the statement is...
CVE-2026-3494
In MariaDB server version through 11.8.5, when server audit plugin is enabled with serverauditevents variable configured with QUERYDCL, QUERYDDL, or QUERYDML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen — or hash style comments, the statement is...
PT-2026-22790
Name of the Vulnerable Software and Affected Versions MariaDB versions through 11.8.5 Description When the server audit plugin is enabled with the server audit events variable configured with QUERY DCL, QUERY DDL, or QUERY DML filtering, SQL statements prefixed with double-hyphen — or hash style...
CVE-2026-27772
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...
CVE-2019-16887
In IrfanView 4.53, Data from a Faulting Address controls a subsequent Write Address starting at image00400000+0x000000000001dcfc...
A week in security (October 6 – October 12)
Last week on Malwarebytes Labs: Apple voices concerns over age-check law that could put user privacy at risk Your passwords don’t need so many fiddly characters, NIST says Millions of very private chats exposed by two AI companion apps Fake VPN and streaming app drops malware that drains your ban...
EUVD-2019-7670
Malware in sbrugna...
EUVD-2018-19622
Malware in sbrugna...
EUVD-2019-7660
Malware in sbrugna...
EUVD-2019-7674
Malware in sbrugna...
EUVD-2024-47764
Malicious code in bioql PyPI...
EUVD-2024-1044
Malicious code in bioql PyPI...
EUVD-2024-0977
Malicious code in bioql PyPI...
EUVD-2025-18221
Malicious code in bioql PyPI...