Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : RapidJSON vulnerability (USN-8189-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8189-1 advisory. It was discovered that RapidJSON did not properly protect against integer overflows in certain instances when...

USN-8189-1 rapidjson vulnerability

It was discovered that RapidJSON did not properly protect against integer overflows in certain instances when parsing JSON text. A remote attacker could possibly use this issue to craft a malicious JSON file, that when read by RapidJSON, would lead to an elevation of privilege, resulting in the...

USN-8189-1: RapidJSON vulnerability

It was discovered that RapidJSON did not properly protect against integer overflows in certain instances when parsing JSON text. A remote attacker could possibly use this issue to craft a malicious JSON file, that when read by RapidJSON, would lead to an elevation of privilege, resulting in the...

MiracleLinux 8 : mysql:8.4 (AXSA:2026-431:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-431:01 advisory. mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21948 mysql:...

MiracleLinux 8 : mysql:8.0 (AXSA:2026-376:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-376:01 advisory. mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21948 mysql:...

MiracleLinux 9 : mysql:8.4 (AXSA:2026-378:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-378:01 advisory. mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21948 mysql:...

mysql:8.4 security update

mecab 0.996-3.4 - Bump version for package rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'CRB' repo - Resolves: 2182069 0.996-3.3 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688 0.996-3.2 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related:...

Oracle Linux 9 : mysql:8.4 (ELSA-2026-5640)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-5640 advisory. mecab 0.996-3.4 - Bump version for package rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'CRB' repo - Resolves: 2182069...

OSV-2026-128 UNKNOWN READ in rapidjson::internal::DigitGen

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477993729 Crash type: UNKNOWN READ Crash state: rapidjson::internal::DigitGen rapidjson::internal::Grisu2 rapidjson::Writer, rapidjso...

OSV-2026-108 UNKNOWN in rapidjson::PrettyWriter<rapidjson::GenericStringBuffer<rapidjson::UTF8<char>, ra

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=477111546 Crash type: UNKNOWN Crash state: rapidjson::PrettyWriter, ra bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat bool rapidjson::GenericValue, rapidjson::MemoryPoolAllocat...

mysql:8.4 security update

mecab mecab-ipadic mysql 8.4.7-1 - Rebase to 8.4.7 rapidjson...

Oracle Linux 9 : mysql:8.4 (ELSA-2025-23111)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23111 advisory. mecab mecab-ipadic mysql 8.4.7-1 - Rebase to 8.4.7 rapidjson Tenable has extracted the preceding description block directly from the Oracle Linux...

EUVD-2025-199979

Uncontrolled recursion in the json2pb component in Apache bRPC version 1.15.0 on all platforms allows remote attackers to make the server crash via sending deep recursive json data. Root Cause: The bRPC json2pb component uses rapidjson to parse json data from the network. The rapidjson parser use...

EUVD-2024-38186

Malicious code in bioql PyPI...

EUVD-2024-37387

Malicious code in bioql PyPI...

Oracle Linux 9 : mysql:8.4 (ELSA-2025-16046)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-16046 advisory. mecab mecab-ipadic mysql 8.4.6-1 - Rebase to 8.4.6 8.4.5-1 - Rebase to 8.4.5 rapidjson 1.1.0-19 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags...

mysql:8.4 security update

mecab mecab-ipadic mysql 8.4.6-1 - Rebase to 8.4.6 8.4.5-1 - Rebase to 8.4.5 rapidjson 1.1.0-19 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz1991688 1.1.0-18 - Remove gtest dependency and turn off tests Resolves: 1977656 1.1.0-17 - Rebuilt for RHEL 9 BETA on Apr 15th 2021...

Linux Distros Unpatched Vulnerability : CVE-2024-39684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tencent RapidJSON is vulnerable to privilege escalation due to an integer overflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h when...

Linux Distros Unpatched Vulnerability : CVE-2024-38517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the GenericReader::ParseNumber function of include/rapidjson/reader.h whe...

TencentOS Server 4: rapidjson (TSSA-2024:0415)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0415 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...