Search CVE reports

4781 – 4790 of 61333 results

Detailed view

Sort by:

CVE-2025-21579

Medium priority

Some fixes available 6 of 19

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged...

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.4, mariadb, mariadb-10.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mysql-5.5	Not in release	Not in release	Not in release	—
mysql-5.7	Not in release	Not in release	Not in release	Ignored
mysql-8.4	Not in release	Not in release	Not in release	—
mariadb	Needs evaluation	Not in release	Not in release	—
mariadb-10.0	Not in release	Not in release	Not in release	—
mariadb-10.1	Not in release	Not in release	Not in release	Needs evaluation
mariadb-10.3	Not in release	Not in release	Ignored	—
mariadb-10.6	Not in release	Needs evaluation	Not in release	—
percona-xtradb-cluster-5.6	Not in release	Not in release	Not in release	—
percona-server-5.6	Not in release	Not in release	Not in release	—
mysql-8.0	Fixed	Fixed	Fixed	—

CVE-2025-21577

Medium priority

Some fixes available 6 of 19

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker...

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.4, mariadb, mariadb-10.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mysql-5.5	Not in release	Not in release	Not in release	—
mysql-5.7	Not in release	Not in release	Not in release	Ignored
mysql-8.4	Not in release	Not in release	Not in release	—
mariadb	Needs evaluation	Not in release	Not in release	—
mariadb-10.0	Not in release	Not in release	Not in release	—
mariadb-10.1	Not in release	Not in release	Not in release	Needs evaluation
mariadb-10.3	Not in release	Not in release	Ignored	—
mariadb-10.6	Not in release	Needs evaluation	Not in release	—
percona-xtradb-cluster-5.6	Not in release	Not in release	Not in release	—
percona-server-5.6	Not in release	Not in release	Not in release	—
mysql-8.0	Fixed	Fixed	Fixed	—

CVE-2025-21575

Medium priority

Some fixes available 6 of 19

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged...

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.4, mariadb, mariadb-10.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mysql-5.5	Not in release	Not in release	Not in release	—
mysql-5.7	Not in release	Not in release	Not in release	Ignored
mysql-8.4	Not in release	Not in release	Not in release	—
mariadb	Needs evaluation	Not in release	Not in release	—
mariadb-10.0	Not in release	Not in release	Not in release	—
mariadb-10.1	Not in release	Not in release	Not in release	Needs evaluation
mariadb-10.3	Not in release	Not in release	Ignored	—
mariadb-10.6	Not in release	Needs evaluation	Not in release	—
percona-xtradb-cluster-5.6	Not in release	Not in release	Not in release	—
percona-server-5.6	Not in release	Not in release	Not in release	—
mysql-8.0	Fixed	Fixed	Fixed	—

CVE-2025-21574

Medium priority

Some fixes available 6 of 19

11 affected packages

mysql-5.5, mysql-5.7, mysql-8.4, mariadb, mariadb-10.0...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mysql-5.5	Not in release	Not in release	Not in release	—
mysql-5.7	Not in release	Not in release	Not in release	Ignored
mysql-8.4	Not in release	Not in release	Not in release	—
mariadb	Needs evaluation	Not in release	Not in release	—
mariadb-10.0	Not in release	Not in release	Not in release	—
mariadb-10.1	Not in release	Not in release	Not in release	Needs evaluation
mariadb-10.3	Not in release	Not in release	Ignored	—
mysql-8.0	Fixed	Fixed	Fixed	—
mariadb-10.6	Not in release	Needs evaluation	Not in release	—
percona-xtradb-cluster-5.6	Not in release	Not in release	Not in release	—
percona-server-5.6	Not in release	Not in release	Not in release	—

CVE-2025-24358

Medium priority

Needs evaluation

gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation...

1 affected package

golang-github-gorilla-csrf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-gorilla-csrf	Needs evaluation	Needs evaluation	Needs evaluation	—

CVE-2025-32776

Medium priority

Needs evaluation

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custom_frame` file, an attacker can cause the custom...

1 affected package

openrazer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
openrazer	Needs evaluation	Needs evaluation	Needs evaluation	—

CVE-2025-3523

Medium priority

Fixed

When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the...

1 affected package

thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
thunderbird	Not affected	Fixed	Not in release	—

CVE-2025-3522

Medium priority

Fixed

Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it...

1 affected package

thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
thunderbird	Not affected	Fixed	Not in release	—

CVE-2025-2830

Medium priority

Fixed

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability...

1 affected package

thunderbird

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
thunderbird	Not affected	Fixed	Not in release	—

CVE-2025-3608

Medium priority

Needs evaluation

A race condition existed in nsHttpTransaction that could have been exploited to cause memory corruption, potentially leading to an exploitable condition. This vulnerability affects Firefox < 137.0.2.

9 affected packages

mozjs52, firefox, thunderbird, mozjs38, mozjs68...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
mozjs52	Not in release	Not in release	Needs evaluation	Ignored
firefox	Not affected	Not affected	Not in release	—
thunderbird	Not affected	Not affected	Not in release	—
mozjs38	Not in release	Not in release	Not in release	Needs evaluation
mozjs68	Not in release	Not in release	Ignored	—
mozjs78	Not in release	Ignored	Not in release	—
mozjs91	Not in release	Ignored	Not in release	—
mozjs102	Ignored	Ignored	Not in release	—
mozjs115	Ignored	Not in release	Not in release	—

Export to JSON

Results by page: