32 matches found
go-toolset:rhel8 security update
An update is available for module.delve, golang, delve, module.golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Go Toolset provides the Go programming...
CVE-1999-0009
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases...
EUVD-2006-0907
Malware in sbrugna...
EUVD-2021-11927
Malware in sbrugna...
EUVD-2020-18346
Malware in sbrugna...
EUVD-2019-19110
Malware in sbrugna...
EUVD-2018-6542
Malware in sbrugna...
EUVD-2015-0184
Malware in sbrugna...
EUVD-2024-1208
Malicious code in bioql PyPI...
EUVD-2023-51293
Malicious code in bioql PyPI...
EUVD-2021-9262
Malicious code in bioql PyPI...
CLSA-2025-1754340339 sqlite: Fix of CVE-2025-6965
CVE-2025-6965: fix memory corruption issue caused by a query where the number of aggregate terms could exceed the number of columns available...
CVE-2024-31455
Minder by Stacklok is an open source software supply chain security platform. A refactoring in commit 5c381cf added the ability to get GitHub repositories registered to a project without specifying a specific provider. Unfortunately, the SQL query for doing so was missing parenthesis, and would...
PgBouncer security vulnerability
PgBouncer is an open source lightweight connection pool for PostgreSQL from the PgBouncer community. A security vulnerability exists in PgBouncer that stems from auth_query not taking into account the VALID UNTIL value of Postgres, which could lead to logging in with an expired password...
Linux Distros Unpatched Vulnerability : CVE-2014-5353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP,...
Searching Opencast may cause a denial of service
Impact: First noticed in Opencast 13 and 14, Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries in relation to previously acceptable search queries. From Opencast version 11.4 and newer, Elasticsearch queries are retried a configurable number of times in...
CVE-2022-42425
This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of...
PT-2022-24684 · Unknown · Smart Evision
Name of the Vulnerable Software and Affected Versions: Smart eVision (affected versions not specified). Description: The issue concerns inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information,...
CVE-2021-36690
A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...
Design/Logic Flaw
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13 and MongoDB Server v3.6 versions prior t...