GHSA-PGVV-Q3WF-MM9M OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads

Summary The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. Details The vulnerable logic is in pkg/ebpf/common/sqldetectpostgres.go. In th...

GHSA-VW3H-Q6XQ-JJM5 OpenClaw: Voice-call realtime WebSocket accepted oversized frames

Summary Voice-call realtime WebSocket accepted oversized frames. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 = 2026.4.10 Impact The voice-call realtime WebSocket path could accept oversized frames, creating a remote availability risk for...

OpenClaw: Voice-call realtime WebSocket accepted oversized frames

Summary Voice-call realtime WebSocket accepted oversized frames. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 = 2026.4.10 Impact The voice-call realtime WebSocket path could accept oversized frames, creating a remote availability risk for...

MiracleLinux 4 : mysql-5.1.66-1.0.1.AXS4 (AXSA:2012-1036:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-1036:03 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...

CVE-2019-11993

A security vulnerability has been identified in HPE SimpliVity 380 Gen 9, HPE SimpliVity 380 Gen 10, HPE SimpliVity 380 Gen 10 G, HPE SimpliVity 2600 Gen 10, SimpliVity OmniCube, SimpliVity OmniStack for Cisco, SimpliVity OmniStack for Lenovo and SimpliVity OmniStack for Dell nodes. Two now...

Linux Distros Unpatched Vulnerability : CVE-2016-8290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance...

Linux Distros Unpatched Vulnerability : CVE-2016-3459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier and MariaDB 10.0.x before 10.0.25 and 10.1.x before 10.1.14 allows remote...

mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU October 2016)

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Federated...

CVE-2016-5612

Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML...

JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D...

JDK: unspecified vulnerability fixed in 6u115, 7u101 and 8u91 (2D)

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D...

mysql: unspecified vulnerability in subcomponent: Server: UDF (CPU January 2016)

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF...

CVE-2016-0501

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.2 allows remote attackers to affect availability via vectors related to SGD Core...

CVE-2016-0424

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0422...

OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911...

PT-2013-1533 · Oracle +3 · Mysql Server +3

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.1.66 and earlier Oracle MySQL versions 5.5.28 and earlier Description: The issue affects the availability of the system, allowing remote attackers to exploit it via unknown vectors. Recommendations: For Oracle MySQL...