277 matches found
Exploit for Heap-based Buffer Overflow in Mariadb
CVE-2026-32710 Heap buffer overflow in MariaDB JSONSCHEMA...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses ajv-6.12.6.tgz which is vulnerable to CVE-2025-69873
Summary IBM Maximo Application Suite - Visual Inspection component uses ajv-6.12.6.tgz which is vulnerable to CVE-2025-69873, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-69873 DESCRIPTION: ajv Another JSON Schema Validat...
SUSE SLES16 Security Update : mariadb (SUSE-SU-2026:21407-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:21407-1 advisory. This update for mariadb fixes the following issue: - Update to v11.8.6 - CVE-2026-32710: heap-based buffer overflow via JSONSCHEMAVALID can...
openSUSE 16 Security Update : mariadb (openSUSE-SU-2026:20629-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20629-1 advisory. This update for mariadb fixes the following issue: - Update to v11.8.6 - CVE-2026-32710: heap-based buffer overflow via JSONSCHEMAVALID can lead to cras...
OPENSUSE-SU-2026:20629-1 Security update for mariadb
This update for mariadb fixes the following issue: - Update to v11.8.6 - CVE-2026-32710: heap-based buffer overflow via JSONSCHEMAVALID can lead to crash or remote code execution bsc1260081...
SUSE-SU-2026:21407-1 Security update for mariadb
This update for mariadb fixes the following issue: - Update to v11.8.6 - CVE-2026-32710: heap-based buffer overflow via JSONSCHEMAVALID can lead to crash or remote code execution bsc1260081...
SUSE SLES15 Security Update : helm (SUSE-SU-2026:1483-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1483-1 advisory. - CVE-2025-55199: crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: files written to...
Security update for helm
This update for helm fixes the following issues: CVE-2025-55199: crafted JSON Schema can lead to out of memory OOM termination bsc1248093. CVE-2026-35206: files written to unexpected directory via specially crafted Chartbsc1261938. Changes for helm: Update to version 3.20.2 Patch Instructions: To...
SUSE SLES15 Security Update : mariadb (SUSE-SU-2026:1367-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1367-1 advisory. Update to version 11.8.6. - https://mariadb.com/docs/release-notes/community-server/11.8/11.8.6 -...
Security update for mariadb
This update for mariadb fixes the following issues: Update to version 11.8.6. https://mariadb.com/docs/release-notes/community-server/11.8/11.8.6 https://mariadb.com/docs/release-notes/community-server/changelogs/11.8/11.8.6 Security issues fixed: CVE-2026-32710: heap-based buffer overflow via...
MariaDB 11.4.0 < 11.4.10/ 11.8.0 < 11.8.6/ 12.2.0 < 12.2.2
The version of MariaDB installed on the remote host is prior to 11.4.10, 11.8.6, 12.2.2. It is, therefore, affected by a vulnerability as referenced in the GHSA-4rj5-2227-9wgc advisory. - MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB version...
MariaDB 11.8.1 < 11.8.6 DoS
The version of MariaDB installed on the remote host is prior to 11.8.6. It is, therefore, affected by a vulnerability as referenced in the GHSA-4rj5-2227-9wgc advisory. - MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before...
MariaDB 11.4.1 < 11.4.10 DoS
The version of MariaDB installed on the remote host is prior to 11.4.10. It is, therefore, affected by a vulnerability as referenced in the GHSA-4rj5-2227-9wgc advisory. - MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before...
GHSA-V6PH-XCQ9-QXXJ mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications
Summary The mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing $ref values pointing to internal network addresses, cloud...
mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications
Summary The mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing $ref values pointing to internal network addresses, cloud...
CVE-2026-33311
DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options backgroundColor, fontFamily, textColor were not XML-escaped before interpolation into SVG...
BIT-MYSQL-CLIENT-2026-32710 Heap-based Buffer Overflow in MariaDB
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...
BIT-MARIADB-2026-32710 Heap-based Buffer Overflow in MariaDB
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...
SUSE CVE-2026-32710
MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...
Linux Distros Unpatched Vulnerability : CVE-2026-32710
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a...