46065 matches found
OPENSUSE-SU-2025:20089-1 Security update for mysql-connector-java
This update for mysql-connector-java fixes the following issues: - Upgrade to Version 9.3.0 - CVE-2025-30706: Fixed Connector/J vulnerability bsc1241693 - Updatable ResultSet fails with 'Parameter index out of range'. - Fixed Resultset UPDATE methods not checking validity of ResultSet. -...
Exploit for Unrestricted Upload of File with Dangerous Type in Skittles Employee_Records_System
CVE-2021-4462 Test Environment Docker-based test environment...
Linux Distros Unpatched Vulnerability : CVE-2025-53040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...
Linux Distros Unpatched Vulnerability : CVE-2025-53045
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0...
Linux Distros Unpatched Vulnerability : CVE-2025-53044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0...
Linux Distros Unpatched Vulnerability : CVE-2025-53067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.4.0. Easily exploitable...
Linux Distros Unpatched Vulnerability : CVE-2025-53053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...
Linux Distros Unpatched Vulnerability : CVE-2025-53054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0...
Linux Distros Unpatched Vulnerability : CVE-2025-53069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.0-8.0.43,...
Linux Distros Unpatched Vulnerability : CVE-2025-53042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...
Linux Distros Unpatched Vulnerability : CVE-2025-53062
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0...
SQL Injection
Django is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of column aliases in methods like QuerySet.annotate, alias, aggregate, and extra, which allows an attacker to exploit crafted dictionary inputs passed via kwargs to inject malicious SQL—particularly on MySQL...
ROS-20251124-09
The vulnerability of the MySQL database access library aiomysql is related to the fact that client-side settings are not checked before sending local files to a remote MySQL server. Exploitation vulnerabilit...
Alibaba Cloud Linux 3 : 0185: mariadb:10.5 (ALINUX3-SA-2025:0185)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0185 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-52969: MariaDB Server 10.4 throug...
CVE-2025-41076
In version 6.13.0 of LimeSurvey, any external user can cause a 500 error in the survey system by sending a malformed session cookie. Instead of displaying a generic error message, the system exposes internal backend information, including the use of the Yii framework, the MySQL/MariaDB database...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : MySQL vulnerabilities (USN-7873-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7873-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues...
Ubuntu: Security Advisory (USN-7873-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-41076
LimeSurvey 6.13.0 is affected by an information-exposure issue triggered by malformed session cookies, causing HTTP 500 errors that leak internal backend details. The reports consistently specify exposure of backend stack elements such as the Yii framework, the MySQL/MariaDB engine, table name li...
TencentOS Server 3: mysql (TSSA-2023:0119)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0119 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...