101 matches found
CVE-2026-42511
The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...
CVE-2026-42511
Summary: CVE-2026-42511 affects the dhclient DHCP client used on FreeBSD. The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing an attacker-controlled field in the lease to be injected as arbitrary dhclient.conf directives. When the lease is re-parsed...
redis_rogue_server
Redis Rogue Server A exploit for Redis 4.x and 5.x RCE, inspi...
Arbitrary Client-Side File Disclosure
aiomysql is vulnerable to Arbitrary Client-Side File Disclosure. The vulnerability is due to the client not validating server requests for local files, and attackers can exploit this by running a rogue MySQL server that sends LOADLOCAL packets to request and retrieve arbitrary files from the clie...
OESA-2025-2618 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2619 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2617 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
OESA-2025-2616 python-aiomysql security update
aiomysql is a "driver" for accessing a MySQL database from the asyncio PEP-3156/tulip framework. It depends on and reuses most parts of PyMySQL . aiomysql tries to be like awesome aiopg library and preserve same api, look and feel. Security Fixes: aiomysql is a library for accessing a MySQL...
Linux Distros Unpatched Vulnerability : CVE-2025-62611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client- side settings are not checked before sending local...
CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
UBUNTU-CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
CVE-2025-62611 aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...
aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
Summary The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...
GHSA-R397-FF8C-WV2G aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server
Summary The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...
PT-2025-43406
Name of the Vulnerable Software and Affected Versions aiomysql versions prior to 0.3.0 Description aiomysql does not properly validate client-side settings before transmitting local files to a MySQL server. This allows a malicious server to request arbitrary files from the client by sending a LOA...
EUVD-2021-20191
Malware in sbrugna...
EUVD-2015-8841
Malware in sbrugna...
EUVD-2020-17929
Malware in sbrugna...