CVE-2025-50098

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

CVE-2025-50100

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

CVE-2025-50065

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE component: Native Image. The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for...

CVE-2025-50065

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE component: Native Image. The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for...

CVE-2025-30752

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: Compiler. The supported version that is affected is Oracle Java SE: 24.0.1; Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

UBUNTU-CVE-2025-50098

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

UBUNTU-CVE-2025-50104

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

CVE-2025-30752

Removed by vendor...

PT-2025-29620 · Oracle · Oracle Graalvm For Jdk +1

Name of the Vulnerable Software and Affected Versions: Oracle GraalVM for JDK version 24.0.1 Description: A difficult-to-exploit issue exists in the Oracle GraalVM for JDK product of Oracle Java SE component: Native Image. An unauthenticated attacker with network access via HTTP can compromise...

CVE-2025-7485 Open5GS SCTP Partial Message recv_handler assertion

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...

CVE-2025-7485 Open5GS SCTP Partial Message recv_handler assertion

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Affected by this vulnerability is the function ngaprecvhandler/s1aprecvhandler/recvhandler of the component SCTP Partial Message Handler. The manipulation leads to reachable assertion. The attack needs to be approached...

perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init

...

CVE-2025-49546

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to a partial application denial-of-service. A high-privileged attacker could exploit this vulnerability to partially disrupt the availability of the application...

AZL-64797 CVE-2025-5987 affecting package libssh for versions less than 0.10.6-2

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

CVE-2025-1709

Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...

WordPress plugin WP Map Block 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the nftables rule generation process. An attacker can gain unauthorized access to network traffic and impersonate other virtual machines or containers by exploiting the partial bypass of security filtering...

Azure Linux 3.0 Security Update: mysql (CVE-2025-30681)

The version of mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30681 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions...

UBUNTU-CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

SUSE CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...