AlmaLinux 10 : mysql8.4 (ALSA-2026:20693)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20693 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001 mysq...

ALSA-2026:20693 Moderate: mysql8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: mysql:...

CVE-2026-34308

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

PT-2026-26777

Summary The objects/import.json.php endpoint accepts a user-controlled fileURI POST parameter with only a regex check that the value ends in .mp4. Unlike objects/listFiles.json.php, which was hardened with a realpath + directory prefix check to restrict paths to the videos/ directory,...

MiracleLinux 8 : mysql:8.0 (AXSA:2024-7561:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7561:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023 CVE-2023-21919,...

MiracleLinux 9 : mysql-8.0.36-1.el9_3.ML.1 (AXSA:2024-7606:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7606:01 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2023 CVE-2023-21911 mysql: Server: DDL unspecified vulnerability CPU Apr 2023 CVE-2023-21919,...

EUVD-2007-2373

Malware in sbrugna...

EUVD-2022-6553

Malicious code in bioql PyPI...

Security Bulletin: Vulnerability in JSON affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in JSON has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2025-40929

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or...

KB5065227 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: September 9, 2025

KB5065227 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: September 9, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

level-json-cache (=0.0.0), midibin-api (=0.0.0) +6 more potentially affected by unknown CVE via level-json (>=0.0.2 <=2.0.0)

level-json NPM version =0.0.2, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.2.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25199...

CBL Mariner 2.0 Security Update: jq (CVE-2025-48060)

"The version of jq installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-48060 advisory. - jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present i...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in json-20230227.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of json-20230227.jar Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to...

CVE-2024-49364

CVE-2024-49364 affects tiny-secp256k1 (NPM wrapper). Prior to 1.1.7, if global Buffer comes from the NPM buffer package, the Buffer.isBuffer check can be bypassed, enabling private key extraction by signing a malicious JSON-stringifiable object via key reuse across messages. The issue is fixed in...

CVE-2019-11319

An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a command injection in the function downloadFirmware in hnap, which leads to remote code execution via shell metacharacters in a JSON value...

Security update for iperf

This update for iperf fixes the following issues: Update to 3.18 bsc1234705, CVE-2024-53580: SECURITY NOTE: Thanks to Leonid Krolle Bi.Zone for discovering a JSON type security vulnerability that caused a segmentation fault in the server. CVE-2024-53580 This has now been fixed. PR1810 UDP packets...

CVE-2024-10707

gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue CVE-2024-4941. This vulnerability allows unauthenticated users to access arbitrary files on the server by uploading a speciall...

Out-of-bounds Read

JSON is vulnerable to an out-of-bounds read. The vulnerability is due to improper handling of specially crafted JSON documents, allowing an attacker to cause a crash or leak sensitive memory contents...

GHSA-9M3Q-RHMV-5Q44 vulnerabilities

Vulnerabilities for packages: ruby3.4-fluentd-kubernetes-daemonset, ruby3.3-json, ruby3.1-fluentd-kubernetes-daemonset, ruby3.2-json, ruby3.3-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.4-json...