248 matches found
CVE-2021-47748 Hasura GraphQL 1.3.3 - Remote Code Execution
Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the runsql endpoint by crafting malicious GraphQL queries that execute system commands through...
CVE-2021-47748
Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the runsql endpoint by crafting malicious GraphQL queries that execute system commands through...
EUVD-2026-3661
Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the runsql endpoint by crafting malicious GraphQL queries that execute system commands through...
CVE-2021-47748
CVE-2021-47748 concerns Hasura GraphQL 1.3.3, describing a remote code execution via SQL query manipulation. Attackers can inject commands into the run_sql endpoint, leveraging PostgreSQL COPY FROM PROGRAM to execute system commands. Connected sources corroborate the RCE vector and affected compo...
PT-2026-3806
Name of the Vulnerable Software and Affected Versions phpPgAdmin version 7.13.0 Description An authenticated attacker can execute arbitrary system commands through SQL query manipulation. This is achieved by creating a custom table, uploading a malicious .txt file, and utilizing the COPY FROM...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001239)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001239 advisory. An issue was discovered in the Linux kernel through 4.17.2. vbgmiscdeviceioctl in drivers/virt/vboxguest/vboxguestlinux.c reads the same user data twice with...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003901)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003901 advisory. A memory leak in the cryptoreportstat function in drivers/virt/vboxguest/vboxguestutils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003977)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003977 advisory. A memory leak in the rpmsgeptdevwriteiter function in drivers/rpmsg/rpmsgchar.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memo...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001797 advisory. The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic an...
CVE-2025-40112
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copyfromtouser for Niagara The referenced commit introduced exception handlers on user-space memory references in copyfromuser and copytouser. These handlers return from the respective...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993254)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993254 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfdwaitonevents function, the kfdeventwaiter...
SUSE CVE-2022-50754
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multitransactionnew In multitransactionnew, the variable t is not freed or passed out on the failure of copyfromusert-data, buf, size, which could lead to a memleak. Fix this bug by adding a...
SUSE CVE-2023-54034
In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...
SUSE CVE-2023-54102
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...
EUVD-2022-55807
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multitransactionnew In multitransactionnew, the variable t is not freed or passed out on the failure of copyfromusert-data, buf, size, which could lead to a memleak. Fix this bug by adding a...
CVE-2023-54102
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...
CVE-2022-50754
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multitransactionnew In multitransactionnew, the variable t is not freed or passed out on the failure of copyfromusert-data, buf, size, which could lead to a memleak. Fix this bug by adding a...
CVE-2022-50754
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multitransactionnew In multitransactionnew, the variable t is not freed or passed out on the failure of copyfromusert-data, buf, size, which could lead to a memleak. Fix this bug by adding a...
UBUNTU-CVE-2022-50754
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multitransactionnew In multitransactionnew, the variable t is not freed or passed out on the failure of copyfromusert-data, buf, size, which could lead to a memleak. Fix this bug by adding a...
UBUNTU-CVE-2023-54102
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...