Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. Vulnerabilities exist in versions 8.0.0 to 8.0.45, 8.4.0 to 8.4.8, and 9.0.0 to 9.6.0 of Oracle MySQL Server. These vulnerabilities stem from issues with the Server: Optimizer component, which may allo...

EUVD-2026-17859

Lack of output escaping for article titles leads to XSS vectors in various locations...

CVE-2026-21632

Lack of output escaping for article titles leads to XSS vectors in various locations...

ASB-A-483074618

In multiple locations, there is a possible way to access unexpected data due to multiple causes. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2026-8762

n8n Vulnerable to Stored XSS via Various Nodes...

[SECURITY] Fedora 42 Update: rust-ambient-id-0.0.10-1.fc42

Detects ambient OIDC credentials in a variety of environments...

USN-8028-5 linux-aws, linux-aws-6.8, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

[SECURITY] Fedora 42 Update: rust-ambient-id-0.0.8-1.fc42

Detects ambient OIDC credentials in a variety of environments...

WordPress Elementor Addons by Livemesh plugin <= 8.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Various Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Various Widgets vulnerability discovered by wesley wcraft in WordPress Plugin Livemesh Addons for Elementor versions = 8.3.7...

EUVD-2026-2912

In Apache Airflow versions before 3.1.6, the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treated as sensitive by default and therefore were not automatically masked in log output. As a result, when such...

EUVD-2025-117009

Malicious code in various-plum-echidna npm...

EUVD-2025-75291

Malicious code in variousstingray-appteadev npm...

EUVD-2025-80135

Malicious code in variousfelidae0xrequest npm...

EUVD-2025-83749

Malicious code in variouslemurz3n npm...

Malicious code in various_lemur_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69f054c35dcb3c2fa53a61d42a4afcfad612898062fce1df96b75909c142440b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-73060

Malicious code in variousdamselflyz3n npm...

EUVD-2025-73059

Malicious code in variouseaglez3n npm...

EUVD-2025-73056

Malicious code in variousocelotrequirement npm...

EUVD-2025-73058

Malicious code in variousgiraffez3n npm...

MAL-2025-85044 Malicious code in embarrassing_flyingfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 224b3ce740fbeefa4427ef4fb4fee0d29740ca5eb707207989161c6eedf8d75e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...