29726 matches found
OESA-2026-1196 mysql security update
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...
CVE-2025-46699
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-46699
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-46699
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-46699
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-46699
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2025-46699
Dell Data Protection Advisor before version 19.12 is affected by an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low-privileged attacker with remote access could exploit it to cause information exposure. The available documents do not provid...
ai-safety-engine (=0.1.0) potentially affected by CVE-2026-0773 via upsonic (=0.60.0a1754435135)
upsonic PYPI version =0.60.0a1754435135 is affected by a known vulnerability. The following packages have a transitive dependency on upsonic and may be impacted: - ai-safety-engine =0.1.0 Source cves: CVE-2026-0773 Source advisory: SNYK:PYTHON-UPSONIC-15091585...
Dell Data Protection Advisor security vulnerabilities
Dell Data Protection Advisor is a reporting and analysis platform provided by the American company Dell. Versions of Dell Data Protection Advisor prior to 19.12 contained security vulnerabilities, which were caused by improper handling of special elements within the server template engine. These...
PT-2026-4349
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neutralization of Special Elements Used in a Template Engine vulnerability in the Server. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that stems from the V8 engine's lack of effective protection against concurrent access to shared resources, which can be exploited by an attacker to execute arbitrary code on...
Security update for chromium (moderate)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0028-1 Rating: moderate References: 1256938 1257011 Cross-References: CVE-2026-1220 Affected Products: openSUSE Backports SLE-15-SP7 An update that solves one vulnerability and has one errata is now available...
CVE-2025-68139
EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for terminateconnectiononfailedresponse is False, which leaves the responsibility for session and connection termination to the EV. In this configuration, any errors encountered by the modul...
Exploit for Unrestricted Upload of File with Dangerous Type in Meowapps Ai_Engine
CVE-2023-51409 / 0-Click RCE Exploit - Author: Joshua Provost...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.7.0 ESR bsc1256340. MFSA 2026-03 CVE-2026-0877: Mitigation bypass in the DOM: Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebG...
[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-4.fc42
This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...
Azure Linux 3.0 Security Update: uriparser (CVE-2024-34402)
The version of uriparser installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34402 advisory. - An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer...
Azure Linux 3.0 Security Update: moby-engine (CVE-2024-36620)
The version of moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36620 advisory. - moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/imagehistory.go...
ROS-20260122-73-0011
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type conversion errors. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
ROS-20260122-73-0022
A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to synchronization errors when using a shared resource "Race Situation". Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML pa...