CVE-2019-25447

OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthorized actions by crafting malicious requests to endpoints like /database/, /command/, and /document/. Attackers can create or delete databases, modify schema classes,...

kernel: PCI: Fix NULL dereference in SR-IOV VF creation error path

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...

CVE-2025-38569 benet: fix BUG when creating VFs

In the Linux kernel, the following vulnerability has been resolved: benet: fix BUG when creating VFs benet crashes as soon as SRIOV VFs are created: kernel BUG at mm/vmalloc.c:3457! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: loaded Not tainted 6.16.0...

CVE-2025-38569 benet: fix BUG when creating VFs

In the Linux kernel, the following vulnerability has been resolved: benet: fix BUG when creating VFs benet crashes as soon as SRIOV VFs are created: kernel BUG at mm/vmalloc.c:3457! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI CPU: 4 UID: 0 PID: 7408 Comm: test.sh Kdump: loaded Not tainted 6.16.0...

Malicious code in flashsimplelogger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c4753ee44e481f1f689cfaeddcddaef8dcdf86fbb1db19b3fe0acc2fadac305 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

SUSE CVE-2025-22092

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...

SUSE CVE-2022-49625

In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has t...

CVE-2022-49625

In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has t...

DEBIAN-CVE-2022-49625

In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efxef10tryupdatenicstatsvf. When releasing a DMA coherent buffer, sometimes, I don't know in what specific circumstances, it has t...

SUSE CVE-2007-3279

PostgreSQL 8.1 and probably later versions, when the PL/pgSQL plpgsql language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing...

grub2: Use-after-free redefining a function whilst the same function is already executing

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

The MYSQL read-write permissions into the system system permissions-bug warning-the black bar safety net

Previously I was in octal released a for MYSQL provide the right of the UDF, but it seems a lot of friends not really understand its use, people keep asking me and it's method of use, someone simply told me to write this UDF dedicated PHP. To be honest as I write this in PHP before you learn only...

security flaw

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used...

security flaw

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used...

security flaw

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used...

DEBIAN-CVE-2006-3803

Race condition in the JavaScript garbage collection in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code by causing the garbage collector to delete a temporary variable while it is still being used...

USN-180-1: MySQL vulnerability

AppSecInc Team SHATTER discovered a buffer overflow in the "CREATE FUNCTION" statement. By specifying a specially crafted long function name, a local or remote attacker with function creation privileges could crash the server or execute arbitrary code with server privileges. However, the right to...

CVE-2005-0709

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, onexit, and exit...