4722 matches found
CGA-7XGJ-C952-CRC5
Bulletin has no description...
CGA-4QF6-VWM8-3RQ3
Bulletin has no description...
CGA-P9J3-HCG8-GQG2
Bulletin has no description...
CGA-P2QF-QX28-FRXJ
Bulletin has no description...
CVE-2025-2746
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through...
Missing Critical Step in Authentication
Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Missing Critical Step in Authentication due to improper handling of empty SHA1 usernames in digest authentication, when the Staging...
Weak Password Requirements
Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Weak Password Requirements due to the lack of enforcement on...
SUSE CVE-2025-27112
Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system,...
Malicious code in array-empty-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9923e27ee77980880cfc13a3c78c4903c58bed58f9257ac0407d57841fcc7853 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in empty-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4f29eb4e06a456c0243473ddb4cf4b5953ab107489b4a79b5f3ccbebf67ebcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in empty-array-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2296 Malicious code in array-empty-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9923e27ee77980880cfc13a3c78c4903c58bed58f9257ac0407d57841fcc7853 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2307 Malicious code in empty-array-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 349e81874005a4e4ed11f5e452324e817f3fc61d4a22f5237445d562df83fb60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2308 Malicious code in empty-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e4f29eb4e06a456c0243473ddb4cf4b5953ab107489b4a79b5f3ccbebf67ebcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2023-52969
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...
AZL-58073 CVE-2023-52969 affecting package mariadb for versions less than 10.6.24-1
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...
DEBIAN-CVE-2023-52969
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...
AZL-58082 CVE-2023-52969 affecting package mariadb for versions less than 10.11.15-1
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...
CVE-2023-52969
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. can sometimes crash with an empty backtrace log. This may be related to makeaggrtablesinfo and optimizestage2...
MariaDB 安全漏洞
MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. A security vulnerability exists in MariaDB that stems from sometimes crashing due to empty traceback logs, possibly related to makeaggrtablesinfo a...