mysql: Optimizer unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

mysql: Parser unspecified vulnerability (CPU Apr 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

mysql: Optimizer unspecified vulnerability (CPU Jul 2025)

A denial of service flaw was found in MySQL. This flaw allows a privileged attacker with network access via multiple protocols to cause a crash in the MySQL server...

[SECURITY] Fedora 42 Update: wireshark-4.4.9-1.fc42

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

Linux Distros Unpatched Vulnerability : CVE-2024-35164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a...

Linux Distros Unpatched Vulnerability : CVE-2017-3626

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Java Server Faces. The supported version that is affected is...

CVE-2025-57665

Element Plus Link component el-link through 2.10.6 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

CVE-2025-57665

Element Plus Link component el-link through 2.10.6 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

CVE-2025-57665

CVE-2025-57665 affects Element Plus Link component (el-link) up to version 2.10.6. The root cause is insufficient input validation of the href attribute, with user-controlled href values passed directly to underlying anchor elements without protocol validation, URL sanitization, or security heade...

CVE-2025-57665

Element Plus Link component el-link through 2.10.6 implements insufficient input validation for the href attribute, creating a security abstraction gap that obscures URL-based attack vectors. The component passes user-controlled href values directly to underlying anchor elements without protocol...

PT-2025-36908

Name of the Vulnerable Software and Affected Versions: Element Plus versions through 2.10.6 Description: The Element Plus Link component el-link does not sufficiently validate input for the href attribute, creating a security gap. This allows attackers to inject malicious URLs using dangerous...

CVE-2025-35451

CVE-2025-35451 concerns PTZOptics and ValueHD-based pan-tilt-zoom cameras with hard-coded default administrative credentials. Affected devices expose SSH and/or Telnet on all interfaces, and the default passwords cannot be changed or the services disabled, enabling potential unauthorized admin ac...

CVE-2025-35451 Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

Squid: dos against http and https

...

Buffer overread when using an empty list with SSLContext.set_npn_protocols()

...

Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control

Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes with a variety of features to capture sensitive data from compromised systems. "MystRodX is a typical backdoor implemented in C++, supporting features like file management, port forwarding, reverse shell,...

Copeland E2 Facility Management Systems 安全漏洞

Copeland E2 Facility Management Systems is an industrial facility control system from Copeland Corporation. A security vulnerability exists in Copeland E2 Facility Management Systems that stems from improper handling of proprietary protocols, which could lead to unauthorized file manipulation...

Security Bulletin: Java SE Hotspot Vulnerability Enables Remote Data Access and Modification via Multiple Protocols, which affects IBM watsonx.data

Summary Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to accessib...

OESA-2025-2092 buildah security update

The package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a new image...

Linux Distros Unpatched Vulnerability : CVE-2022-22576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly...