545 matches found
CVE-2023-36830
SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the `library_path` config value to allow arbitrary Python code to be executed via macros. For many users wh...
PT-2023-25720 · Sqlfluff +1
Name of the Vulnerable Software and Affected Versions: SQLFluff versions prior to 2.1.2. Description: In environments where untrusted users have access to the config files, there is a potential security issue where those users could use the library path config value to allow arbitrary Python code ...
CVE-2023-22652
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...
CVE-2023-32181
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration files. This issue affects libeconf: before 0.5.2...
DEBIAN-CVE-2023-32181
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration files. This issue affects libeconf: before 0.5.2...
Buffer overflow
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...
CVE-2023-22652 Stack buffer overflow in "read_file" function
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...
libeconf security vulnerability
libeconf is a highly flexible and configurable library for parsing and managing key=value configuration files. A security vulnerability exists in libeconf versions prior to 0.5.2, which stems from the presence of a buffer overflow vulnerability that allows denial-of-service attacks via incorrectl...
CVE-2022-39071
There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission...
TOTOLINK N200RE security vulnerability
The TOTOLINK N200RE is a router from China's Gion Electronics TOTOLINK. An information disclosure vulnerability exists in the TOTOLINK N200RE v9.3.5u.6255B20211224, which stems from insufficient protection of sensitive information in the squashfs-root/etcro/custom.conf in the Telnet service...
CVE-2023-32982
Jenkins Ansible Plugin 204.v8191fd551ebf and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2023-30523
Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
Akuvox E11 security vulnerability
Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from Akuvox E11 using a weak encryption algorithm for stored passwords and decrypting them using hard-coded passwords, which can allow decryption of...
Updated ipython packages fix security vulnerability
Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. CVE-2022-21699...