EUVD-2023-38098

Malicious code in bioql PyPI...

EUVD-2023-47011

Malicious code in bioql PyPI...

EUVD-2024-18566

Malicious code in bioql PyPI...

EUVD-2024-21079

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-48965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtlsasn1storenameddata can trigger conflicting data with val.p of NULL but val.len greater than...

ALPINE-CVE-2025-48965

Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtlsasn1storenameddata can trigger conflicting data with val.p of NULL but val.len greater than zero...

CVE-2024-23634

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. An arbitrary file renaming vulnerability exists in versions prior to 2.23.5 and 2.24.2 that enables an authenticated administrator with permissions to modify stores through the REST...

CVE-2024-20851

Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary activity with Samsung Data Store privilege...

CVE-2023-33972

Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to access a table in the same keyspace, even if they don't have permissions for that table. This issue...

CVE-2023-42578

Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows remote attackers to access location information without permission...

CVE-2019-15569

HM Courts & Tribunals ccd-data-store-api before 2019-06-10 allows SQL injection, related to SearchQueryFactoryOperation.java and SortDirection.java...

CVE-2019-2760

Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are 12.1.6.1.23, 12.1.6.1.26, 12.1.6.1.29, 12.1.6.1.36, 12.1.6.2.23 and 12.1.6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data...

CVE-2013-3275

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obtain sensitive information via a crafted web site, related to "cross frame scripting vulnerabilitie...

Alibaba Cloud Linux 3 : 0092: libdb (ALINUX3-SA-2022:0092)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0092 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-2708: Vulnerability in the Data Store...

Duplicate Advisory: HAL Cross Site Scripting (XSS) vulnerability of user input when storing it in a data store

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-f7jh-m6wp-jm7f. This link is maintained to preserve external references. Original Description A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when a...

GHSA-HP88-HFJW-2HG4 Duplicate Advisory: HAL Cross Site Scripting (XSS) vulnerability of user input when storing it in a data store

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-f7jh-m6wp-jm7f. This link is maintained to preserve external references. Original Description A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when a...

CVE-2020-2981

Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 18.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks...

Important: Red Hat Security Advisory: redis security update

An update for redis is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CKAN 安全漏洞

CKAN is an open source DMS Data Management System from CKAN Open Source. It is used to power data centers and data portals. CKAN has a security vulnerability that stems from the Datatables view plugin failing to properly escape record data from the DataStore...

PT-2024-29500 · Ckan +2 · Datatables View Plugin +3

Name of the Vulnerable Software and Affected Versions: CKAN versions 2.7.0 through 2.10.4 CKAN version 2.11.0 is not affected, but versions prior to 2.11.0 are vulnerable if they are earlier than 2.10.5. Description: The Datatables view plugin in CKAN did not properly escape record data coming fr...