9 matches found
CVE-2026-44349
Daptin CVE-2026-44349: The fuzzy search path on /api/ accepts a user-supplied column list and interpolates it into raw SQL without a column whitelist, enabling an authenticated user to read the entire database on vulnerable versions. Affected component: processFuzzySearch in server/resource/resou...
QNAP Systems QTS和QNAP Systems QuTS hero 缓冲区错误漏洞
QNAP Systems QTS and QNAP Systems QuTS hero are both a software with data storage and management capabilities from QNAP Systems, Inc. of Taiwan, China. A buffer error vulnerability exists in QNAP Systems QTS and QNAP Systems QuTS hero that originates from an out-of-bounds read and could result in...
Linux Distros Unpatched Vulnerability : CVE-2019-2911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Information Schema. Supported versions that are affected are 5.6.45 and prior, 5.7.27 and...
Linux Distros Unpatched Vulnerability : CVE-2023-21889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.42 and prior t...
Linux Distros Unpatched Vulnerability : CVE-2017-3467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: C API. Supported versions that are affected are 5.7.17 and earlier. Difficult ...
Linux Distros Unpatched Vulnerability : CVE-2021-2042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Apple watchOS 安全漏洞
Apple watchOS is a set of smartwatch operating systems from the American company Apple Apple. A security vulnerability exists in versions prior to Apple watchOS 10, which stems from an application that may be able to read sensitive location information...
CVE-2023-21825
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite component: Supplier Management. Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupplier...
CVE-2017-10209
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...