Lucene search
K

199 matches found

EUVD
EUVD
added 2026/07/02 8:33 a.m.6 views

EUVD-2026-41262

The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to OS Command Injection in all versions up to and including 7.11 via the wpdbexcludetable parameter. This is due to the direct concatenation of user-supplied $POST'wpdbexcludetable' valu...

7.2CVSS6.3AI score0.01588EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 1:13 p.m.5 views

OESA-2026-2733 mariadb security update

Security Fixes: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

6.8CVSS6.6AI score0.00869EPSS
Exploits0References3
NVD
NVD
added 2026/05/11 10:22 p.m.45 views

CVE-2026-43873

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret $objClone-myKey, a constant md5$global'systemRootPath' . $global'salt' into the HTTP response body on every unauthenticated request. T...

7.5CVSS0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 8:31 p.m.63 views

CVE-2026-43873 WWBN AVideo: Unauthenticated Disclosure of CloneSite `myKey` via Error Echo in `cloneClient.json.php` Enables Cross-Site DB Dump of the Configured Clone Server

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret $objClone-myKey, a constant md5$global'systemRootPath' . $global'salt' into the HTTP response body on every unauthenticated request. T...

7.5CVSS0.00255EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/05 6:58 p.m.14 views

AVideo: Unauthenticated Disclosure of CloneSite `myKey` via Error Echo in `cloneClient.json.php` Enables Cross-Site DB Dump of the Configured Clone Server

Summary plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret $objClone-myKey, a constant md5$global'systemRootPath' . $global'salt' into the HTTP response body on every unauthenticated request. The unauthenticated error branch was intended to reject non-admin callers...

7.5CVSS5.8AI score0.00255EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.8 views

AlmaLinux 8 : mariadb:10.11 (ALSA-2026:6435)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6435 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-529...

6.8CVSS7.2AI score0.01236EPSS
Exploits0References9
OSV
OSV
added 2026/04/02 12:3 p.m.11 views

RLSA-2026:6435 Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

6.5CVSS6.8AI score0.01236EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/02 10:59 a.m.8 views

mysql: mariadb: mysqldump unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

6.8CVSS6.7AI score0.00431EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/02 10:59 a.m.6 views

Moderate: Red Hat Security Advisory: mariadb:10.11 security update

An update for the mariadb:10.11 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.8CVSS6.8AI score0.01236EPSS
Exploits0References10
OSV
OSV
added 2026/04/02 12:0 a.m.6 views

ALSA-2026:6435 Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

6.8CVSS5.8AI score0.01236EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/04/02 12:0 a.m.26 views

RHEL 8 : mariadb:10.11 (RHSA-2026:6435)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6435 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Deni...

6.8CVSS6.8AI score0.01236EPSS
Exploits0References19
AlmaLinux
AlmaLinux
added 2026/04/02 12:0 a.m.24 views

Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

6.8CVSS5.9AI score0.01236EPSS
Exploits0References16
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.8 views

Astra Linux – Vulnerability in MariaDB

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. The supported versions affected are 8.0.0–8.0.41, 8.4.0–8.4.4, and 9.0.0–9.2.0. This vulnerability is difficult to exploit; it allows low-privilege attackers with network access via multiple protocols to...

6.8CVSS6.7AI score0.00431EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 9 : mysql-8.0.41-2.el9_5.ML.1 (AXSA:2025-9701:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9701:03 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

9.1CVSS7.4AI score0.17301EPSS
Exploits3References50
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : mariadb:10.5 (AXSA:2025-11081:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11081:01 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...

6.8CVSS5.5AI score0.01236EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 8 : mariadb:10.5 (AXSA:2025-9615:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9615:01 advisory. mysql: InnoDB unspecified vulnerability CPU Oct 2023 CVE-2023-22084 mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096...

4.9CVSS7.3AI score0.01782EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : galera-26.4.20-1.el9_5, mariadb-10.5.27-1.el9_5 (AXSA:2025-9651:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9651:01 advisory. mysql: InnoDB unspecified vulnerability CPU Oct 2023 CVE-2023-22084 mysql: Client: mysqldump unspecified vulnerability CPU Apr 2024 CVE-2024-21096...

4.9CVSS7.3AI score0.01782EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 8 : mysql:8.0 (AXSA:2025-9705:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9705:01 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

9.1CVSS7.4AI score0.17301EPSS
Exploits3References50
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.4 views

RockyLinux 10 : mariadb10.11 (RLSA-2026:0136)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0136 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...

7CVSS7.3AI score0.01236EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2026/01/08 4:41 p.m.4 views

mysql: mariadb: mysqldump unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise...

6.8CVSS5.8AI score0.00431EPSS
Exploits0References5
Rows per page
Query Builder