Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017761 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

MiracleLinux 9 : mysql-8.0.41-2.el9_5.ML.1 (AXSA:2025-9701:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9701:03 advisory. openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date parser overread...

CVE-2025-13859

The AffiliateX – Amazon Affiliate Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the savecustomizationsettings AJAX action in versions 1.0.0 to 1.3.9.3. This makes it possible for authenticated attackers, with Subscriber-level...

PT-2026-3004

Name of the Vulnerable Software and Affected Versions AffiliateX – Amazon Affiliate Plugin versions 1.0.0 through 1.3.9.3 Description The AffiliateX – Amazon Affiliate Plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check on the save...

EUVD-2015-9271

Malware in sbrugna...

EUVD-2020-7006

Malware in sbrugna...

EUVD-2024-18910

Malicious code in bioql PyPI...

EUVD-2024-51007

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-3646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: X Plugin. Supported versions that are affected are 5.7.16 and earlier. Easily...

Linux Distros Unpatched Vulnerability : CVE-2017-3637

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: X Plugin. Supported versions that are affected are 5.7.18 and earlier. Difficult to...

CVE-2025-6814

The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportnow function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal...

CVE-2025-6814 Booking X 1.0 - 1.1.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via export_now() Function

The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportnow function in versions 1.0 to 1.1.2. This makes it possible for unauthenticated attackers to download all plugin data, including user accounts, user meta, and PayPal...

CVE-2025-6814

CVE-2025-6814 affects Booking X for WordPress (versions 1.0–1.1.2). The root cause is a missing capability check in export_now(), allowing unauthenticated attackers to download all plugin data (including user accounts, user meta, and PayPal credentials) via a crafted POST request. Public details ...

PT-2025-27855 · WordPress · Booking X

Name of the Vulnerable Software and Affected Versions: Booking X plugin for WordPress versions 1.0 through 1.1.2 Description: The issue allows unauthorized access to data due to a missing capability check on the export now function. This enables unauthenticated attackers to download all plugin...

CVE-2024-12204

The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in the class-cx-rest.php file in all versions up to, and including, 1.3.5. This makes it...

RLSA-2025:1671 Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

mysql: X Plugin unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

mysql: X Plugin unspecified vulnerability (CPU Oct 2024)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

CVE-2024-12627

The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.5 via deserialization of untrusted input from post content passed to the captureemail AJAX action. This...