Lucene search
+L

636 matches found

Nuclei
Nuclei
added 14 hours ago94 views

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

8.8CVSS5.9AI score0.01875EPSS
Exploits1References2
Nuclei
Nuclei
added 14 hours ago69 views

Mongoose - NoSQL Injection

NoSQL injection vulnerability in Mongoose 8.9.5 affecting the populate function's match option. This vulnerability exists due to an incomplete fix for CVE-2024-53900. While direct $where injection is blocked, attackers can bypass this protection by nesting $where operators within logical operator...

9.8CVSS8.9AI score0.07025EPSS
Exploits3References4
NVD
NVD
added 3 days ago3 views

CVE-2026-47473

NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, and information disclosure...

7.4CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 3 days ago8 views

CVE-2026-47473

CVE-2026-47473 affects NVIDIA TensorRT-LLM. The vulnerability is a write-what-where condition in TensorRT-LLM components, with potential impacts including data tampering, denial of service, and information disclosure as described in multiple sources. NVIDIA’s security update table lists this CVE ...

7.4CVSS6.1AI score0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-47473

NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, and information disclosure...

7.4CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 3 days ago15 views

CVE-2026-15043

CVE-2026-15043 affects DBI::SQL::Nano (versions 1.42–1.650.x) for Perl. In the non-numeric string branch of is_matched, the = with Perl's le, causing inverted = comparisons in WHERE predicates. This occurs in the fallback SQL engine used by DBI's file-backed drivers (e.g., DBD::File, DBD::DBM, CS...

9.8CVSS6.1AI score0.00513EPSS
Exploits0References4
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43654

DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted = SQL operators on text. DBI::SQL::Nano, DBI's built-in mini-SQL engine, evaluated WHERE predicates incorrectly in some cases. In the non-numeric string branch of the ismatched method, = was evaluated using Perl's le operator...

9.8CVSS6.1AI score0.00513EPSS
Exploits0References3
CVE
CVE
added 2026/07/07 9:29 p.m.16 views

CVE-2026-54698

Hasura CVE-2026-54698 describes a row-level authorization bypass on table computed fields. Before versions 2.49.2 and 2.45.5, a user could use a where clause on a table computed field (returning SETOF some_table) to infer rows that should be filtered for their role according to some_table’s row-l...

6CVSS5.9AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/07 9:29 p.m.6 views

CVE-2026-54698

Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...

6CVSS5.9AI score0.0017EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/07 9:29 p.m.38 views

CVE-2026-54698 Hasura: Row-level authorization bypass on table computed fields

Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...

6CVSS0.0017EPSS
Exploits0References1
OSV
OSV
added 2026/07/07 9:29 p.m.7 views

CVE-2026-54698 Hasura: Row-level authorization bypass on table computed fields

Hasura is an open-source product that provides users GraphQL or REST APIs. Prior to 2.49.2 and 2.45.5, a user can use a where clause on a table computed field returning SETOF sometable to infer row values that ought to be filtered for their role based on sometable's row-level permissions. While...

6CVSS5.9AI score0.0017EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.6 views

PT-2026-56262

Name of the Vulnerable Software and Affected Versions Hasura versions prior to 2.49.2 Hasura versions prior to 2.45.5 Description A flaw exists where a user can employ a where clause on a table computed field that returns SETOF some table to infer row values. This occurs even when those rows shou...

6CVSS6.1AI score0.0017EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 11:20 a.m.7 views

EUVD-2026-40295

DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subclass, sets bindtype in its constructor but never quotechar, so SQL::Abstract emits identifiers verbatim. Caller-supplied identifiers orderby, where-claus...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.15 views

PT-2026-53847

Name of the Vulnerable Software and Affected Versions DBIx::QuickORM versions prior to 0.000026 Description An issue exists where SQL identifiers are emitted verbatim into generated queries without proper quoting or escaping. This occurs because the default SQL builder, a SQL::Abstract subclass,...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.9 views

PT-2026-53269

Name of the Vulnerable Software and Affected Versions FrontAccounting versions prior to 2.4.20 Description An issue exists in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data. By injecting UNION SELECT payloads into the PARAM 0 POST paramete...

7.1CVSS6AI score0.00148EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.30 views

MongoDB 4.4.x < 4.4.31 / 5.0.x < 5.0.34 / 6.0.x < 6.0.29 / 7.0.x < 7.0.37 / 8.0.x < 8.0.26 / 8.2.x < 8.2.11 / 8.3.x < 8.3.4 Use-After-Free (CVE-2026-11933)

The version of MongoDB installed on the remote host is 4.4.x prior to 4.4.31, 5.0.x prior to 5.0.34, 6.0.x prior to 6.0.29, 7.0.x prior to 7.0.37, 8.0.x prior to 8.0.26, 8.2.x prior to 8.2.11, or 8.3.x prior to 8.3.4. It is, therefore, affected by a use-after-free vulnerability: - A use-after-fre...

8.8CVSS5.9AI score0.00384EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 1:57 a.m.38 views

CVE-2026-11933 Post-authentication use-after-free in server-side JavaScript BSON-to-array conversion

A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to run server-side JavaScript for example, via $where or $function can cause the server to access...

8.8CVSS0.00384EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 1:57 a.m.14 views

EUVD-2026-36373

A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to run server-side JavaScript for example, via $where or $function can cause the server to access...

8.8CVSS5.5AI score0.00384EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/11 8:51 p.m.86 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

DirtyFrag CVE-2026-43284 PoC Validation and auditd Detection...

8.8CVSS6AI score0.93235EPSS
Exploits31
GithubExploit
GithubExploit
added 2026/06/05 9:5 a.m.76 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

No d...

8.8CVSS5.4AI score0.93235EPSS
Exploits31
Rows per page
Query Builder