51 matches found
CVE-2019-12264
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component...
EUVD-2022-33607
Malicious code in bioql PyPI...
EUVD-2021-31533
Malicious code in bioql PyPI...
The vulnerability of the http-client component of the Symfony software development and web application management platform allows attackers to access confidential data.
The vulnerability of the http-client component in the Symfony software development and web application management platform is related to the exposure of sensitive information. Exploiting this vulnerability could allow an attacker to gain access to confidential data remotely...
CVE-2021-2221
Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Client. The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global...
The vulnerability of the Native Client component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.
The vulnerability of the Native Client component in the Microsoft SQL Server database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
PT-2024-8601 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to a memory use after free vulnerability in the Microsoft SQL Server Native Client component. This could allow a remote attacker to execute arbitrary code...
CVE-2024-38516 Aimeos HTML client may potentially reveal sensitive information in error log
ai-client-html is an Aimeos e-commerce HTML client component. Debug information revealed sensitive information from environment variables in error log. This issue has been patched in versions 2024.04.7, 2023.10.15, 2022.10.13 and 2021.10.22...
RHEL 9 : kernel (RHSA-2023:7749)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7749 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free vulnerability i...
Important: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-385)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-385 advisory. In the Linux kernel, the following vulnerability has been resolved: ceph: drop messages from MDS when unmounting CVE-2022-48628 A use-after-free vulnerability in the Linux kernel's netfilter:...
CVE-2023-5345
A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3fscontextparseparam, ctx-password was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their...
AZL-31149 CVE-2023-5345 affecting package kernel for versions less than 5.15.135.1-2
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3fscontextparseparam, ctx-password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading pas...
The vulnerability in the client.c component of the ConnMan connection driver allows a attacker to cause a service failure.
The vulnerability in the client.c component of the ConnMan driver is related to buffer overflow attacks. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
ICEPAY REST API for .NET 安全漏洞
ICEPAY REST API for .NET is an ICEPAY open source REST API client for .NET developers. A security vulnerability exists in ICEPAY REST API for .NET version 0.9, which stems from a security issue in the function RestClient in the file Classes/RestClient.cs in the component Checksum Validation, whic...
MariaDB 5.5.0 < 5.5.61 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.61 advisory. - Vulnerability in the MySQL Client component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected ar...
Oracle MySQL 安全漏洞
Oracle MySQL Server is a relational database from Oracle Corporation. An information disclosure vulnerability exists in the Shell: Core Client component of Oracle MySQL Shell. An attacker can exploit this vulnerability to corrupt the MySQL Shell and gain unauthorized access to a subset of MySQL...
CVE-2021-44718
wolfSSL through 5.0.0 allows an attacker to cause a denial of service and infinite loop in the client component by sending crafted traffic from a Machine-in-the-Middle MITM position. The root cause is that the client module accepts TLS messages that normally are only sent to TLS servers...
CVE-2022-32962
HiCOS’ client-side citizen certificate component has a double free vulnerability. An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service...
The vulnerability of the Client component of the Oracle Secure Global Desktop software allows a hacker to gain full control over the application.
The vulnerability of the Client component of the Oracle Secure Global Desktop software exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain full control over the application using the HTTP protocol...