CVE-2026-6957

Mattermost Plugins versions =1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target server's filestore via...

IBM DB2 Federated Server DoS (7269435) (Unix)

According to its self-reported version number, IBM Db2 is affected by a denial of service vulnerability: - IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data...

Security Bulletin: IBM® Db2® Federated server is vulnerable to a denial of service with a specially crafted query in a Fenced environment (CVE-2026-3676)

Summary IBM® Db2® Federated server is vulnerable to a denial of service with a specially crafted query in a Fenced environment CVE-2026-3676 Vulnerability Details CVEID:CVE-2026-3676 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to...

CVE-2026-34148 Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and 2.1.1, @fedify/fedify follows HTTP redirects recursively in its remote document loader and authenticated document loader without enforcing a maximum redirect count or...

Security Bulletin: IBM® Db2® Federated server is vulnerable to a denial of service with a specially crafted query (CVE-2025-36424)

Summary IBM® Db2® Federated server could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic. Vulnerability Details CVEID:CVE-2025-36424 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a us...

Security Bulletin: IBM® Db2® federated server is vulnerable to a denial of service when manipulating or using queries with federated objects (CVE-2025-14689)

Summary IBM® Db2® federated server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects. Vulnerability Details CVEID:CVE-2025-14689 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2...

Security Bulletin: IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on (CVE-2025-8916)

Summary IBM® Db2® Federated server is affected by a vulnerability in bcprov-jdk18on and bcpkix-jdk18on. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules,...

Security Bulletin: IBM® Db2® Federated server is vulnerable to a denial of service as the server may crash when using a specially crafted statement (CVE-2025-36423)

Summary IBM® Db2® IBM® Db2® Federated server is vulnerable to a denial of service due to improper neutralization of special elements in data query logic. Vulnerability Details CVEID:CVE-2025-36423 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a local use...

MiracleLinux 7 : rh-mariadb101-mariadb-10.1.19-6.el7 (AXSA:2016-1178:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1178:02 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...

CVE-2023-45193

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759...

Fedify 安全漏洞

Fedify is a TypeScript library by the individual developer Hong Minhee. It is used to build federated server applications supported by ActivityPub and other standards. A security vulnerability exists in Fedify versions prior to 1.6.13, 1.7.14, 1.8.15, and 1.9.2, which stems from a regular...

Security Bulletin: IBM® Db2® federated Server is vulnerable to sensitive information disclosure under specific conditions (PRISMA-2021-0055)

Summary IBM® Db2® federated Server is affected by a vulnerability in Apache Commons Codec that could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive informatio...

EUVD-2016-6573

Malware in sbrugna...

EUVD-2023-34860

Malicious code in bioql PyPI...

EUVD-2025-0153

Malicious code in bioql PyPI...

EUVD-2024-24493

Malicious code in bioql PyPI...

EUVD-2023-50410

Malicious code in bioql PyPI...

EUVD-2023-49500

Malicious code in bioql PyPI...

CVE-2025-54888

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass...

CVE-2025-54888 @fedify/fedify: Improper Authentication and Incorrect Authorization

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass...