6 matches found
CVE-2019-7317
CVE-2019-7317 is a use-after-free involving png_image_free in libpng. A connected document ties this to the FLTK package, affecting versions less than 1.3.8-1, and states that upgrading to a later FLTK version resolves the issue. If applying this advisory, upgrade FLTK to 1.3.8-1 or newer for rem...
CVE-2019-2422
CVE-2019-2422 affects Oracle Java SE Libraries in Java SE 7u201, 8u192, 11.0.1 (and Java SE Embedded 8u191). The issue is a memory disclosure in FileChannelImpl that could allow an unauthenticated, network-reachable attacker to read a subset of data, with user interaction required in some context...
CVE-2018-11212
CVE-2018-11212 affects libjpeg/libjpeg-turbo: the alloc_sarray function in jmemmgr.c allows a remote attacker to cause a denial of service via a crafted file due to a divide-by-zero error. Public advisories (e.g., ALAS2-2019-1198, ALAS-2019-1286, AL2/ALSA-centos/CESA-2019:2052, Debian DLA-1638-1)...
CVE-2022-21589
CVE-2022-21589 affects Oracle MySQL Server (Server: Security: Privileges). Affected versions are 5.7.39 and earlier, and 8.0.16 and earlier. The vulnerability allows a low-privileged, network-accessible attacker to read a subset of MySQL Server data. The description does not provide a patch/versi...
CVE-2022-21637
CVE-2022-21637 affects MySQL Server (InnoDB), versions 8.0.30 and earlier. The root cause is an InnoDB vulnerability that lets an attacker with network access and high privileges cause a complete DoS (hang/crash). Remediation observed in connected data shows upgrades to MySQL 8.0.32 (e.g., AlmaLinux...
CVE-2019-2426
CVE-2019-2426 affects Oracle Java SE Networking. Affected: Java SE 7u201, 8u192, 11.0.1; Java SE Embedded 8u191. Attack requires network access and can lead to unauthorized read access to a subset of Java SE data. Root cause: vulnerability in the Java SE Networking component that can be exploited...