2677 matches found
kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events
The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...
PT-2024-12816 · Mariadb Foundation +1 · Mariadb +1
Name of the Vulnerable Software and Affected Versions: MariaDB version 10.5 Description: Insecure permissions in the sys exec function of MariaDB allow authenticated attackers to execute arbitrary commands with elevated privileges. This issue is disputed by the MariaDB Foundation because no...
langchain Code Injection vulnerability
An issue in Harrison Chase langchain allows an attacker to execute arbitrary code via the PALChain,frommathpromptllm.run in the python exec method...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
Design/Logic Flaw
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
LangChain v0.0.194 is affected by a code-injection vulnerability (CVE-2023-36095) via the PALChain, enabling an attacker to execute arbitrary Python code through exec calls in from_math_prompt and from_colored_object_prompt. Reported impacts include high severity with potential full compromise; C...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2023-36095
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include frommathprompt and fromcoloredobjectprompt...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
Path traversal
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
PT-2023-15101 · Vocera · Vocera Voice Server +2
Name of the Vulnerable Software and Affected Versions: Vocera Report Server and Voice Server versions 5.x through 5.8 Description: An issue was discovered in the software, allowing Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs executed on the server at...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
CVE-2022-46900
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to...
CVE-2022-46900
The CVE describes a Path Traversal vulnerability in Vocera Report Server/Voice Server 5.x–5.8. An authenticated user can modify task entries in the Vocera Report Console to alter the executable path and parameters, enabling potential unintended command execution. The exact exploitation steps, aff...
kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events
The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: use-after-free vulnerability in the perf_group_detach function of the Linux Kernel Performance Events
The Linux kernel's Performance Events subsystem has a use-after-free flaw that occurs when a user triggers the perfgroupdetach and removeonexec functions simultaneously. This flaw allows a local user to crash or potentially escalate their privileges on the system...
U.S. Government Agencies' Emails Compromised in China-Backed Cyber Attack
An unnamed Federal Civilian Executive Branch FCEB agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft's discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advisory released by th...
DaillyTools Remote Command Execution
==================================================================================================================================== | Title : DaillyTools v1 command execution Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 64.0.2 32-bit ...
GHSA-57FC-8Q82-GFP3 langchain vulnerable to arbitrary code execution
An issue in langchain allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method...