114833 matches found
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...
mysql: InnoDB unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...
mysql: InnoDB unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
mysql: InnoDB unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
mysql: InnoDB unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...
Moderate: Red Hat Security Advisory: mysql:8.0 security update
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
mysql: DML unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access v...
mysql: Optimizer unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...
mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...
mysql: Information Schema unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with...
mysql: Information Schema unspecified vulnerability (CPU Apr 2026)
Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to a validation issue with improper logic...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
A flaw was found in WebKitGTK. Processing malicious web content may prevent Content Security Policy from being enforced due to improper input validation...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash...
webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...
python-pyjwt: PyJWT: Authentication bypass due to forged JSON Web Tokens
A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
kernel: can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
kernel: net: af_can: do not leave a dangling sk pointer in can_create()
In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...
kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...
gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...
gimp: GIMP: Remote Code Execution via PSP file parsing
A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...
gimp: GIMP: Remote Code Execution via malicious JP2 file parsing
A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
GIMP: GIMP: Arbitrary code execution via specially crafted PSD file
A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...
gimp: GIMP: Remote Code Execution via PSP file parsing
A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...
GIMP: GIMP: Arbitrary code execution via specially crafted PSD file
A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...
Important: Red Hat Security Advisory: gimp security update
An update for gimp is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image
A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a user to open a specially crafted PCX image. Successful exploitation could lead to out-of-bounds memory disclosure and a possible...
gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...
gimp: GIMP: Remote Code Execution via malicious JP2 file parsing
A flaw was found in GIMP. A remote attacker could exploit this by tricking a user into opening a specially crafted JP2 JPEG 2000 file. This flaw is due to a heap-based buffer overflow during JP2 file parsing, which allows for arbitrary code execution. Successful exploitation enables the attacker ...