PT-2025-38669

Name of the Vulnerable Software and Affected Versions jeecgboot JimuReport versions up to 2.1.2 Description A vulnerability exists in jeecgboot JimuReport. The issue is related to deserialization triggered by manipulating the clientRerouteServerListJNDIName argument within an unknown function of...

PT-2025-38663

Name of the Vulnerable Software and Affected Versions h2oai h2o-3 versions through 3.46.08 Description A vulnerability exists in h2oai h2o-3 up to version 3.46.08, specifically within the H2 JDBC Driver component. The issue involves the manipulation of the connection url argument in the...

Linux Distros Unpatched Vulnerability : CVE-2018-12023

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled either globally or for a specific...

MAL-2025-38262 Malicious code in vertical-db-driver (npm)

The package vertical-db-driver was found to contain malicious code...

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

CVE-2025-0648 M-Files Server crash via EOT database driver configuration

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

CVE-2025-0648 M-Files Server crash via EOT database driver configuration

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

PT-2025-3994 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 25.1.14445.5 M-Files Server versions prior to 24.8 LTS SR3 Description: The issue allows a highly privileged attacker to cause a denial of service via a configuration change, resulting in an unexpected server...

GHSA-GVF2-2F4G-JQF4 Drupal core contains a potential PHP Object Injection vulnerability

Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to...

Drupal core contains a potential PHP Object Injection vulnerability

Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to...

Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008

Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to...

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB driver for SQL Server on Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the bson_strfreev() function in the libbson library’s MongoDB database management system driver allows attackers to compromise the integrity of protected information.

The vulnerability of the bsonstrfreev function in the libbson library, a MongoDB database management system driver, is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the integrity of the protected information...

The vulnerability of the MongoDB Rust Driver’s database management system driver lies in its improper handling of syntactically incorrect structures, allowing attackers to execute arbitrary commands.

The vulnerability of the MongoDB Rust Driver driver is related to the improper handling of syntaxically incorrect structures. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the OLE DB driver for SQL Server on Windows operating systems arises from insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the OLE DB driver for SQL Server on Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

PT-2024-6286 · Microsoft · Windows +2

Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing a remote attacker to potentially elevate their privileges. It is associated with the OLE DB driver for SQL Server ...

The vulnerability of the OLE DB driver for SQL Server, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the OLE DB driver for SQL Server is related to buffer overflow in the “heap”. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...