4 matches found

OSV
added 2026/04/01 11:20 p.m., 2 views

GHSA-9CQ8-3V94-434G PraisonAI Has Second-Order SQL Injection in `get_all_user_threads`

Summary: The `get_all_user_threads` function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via updatethread. When the application loads the thread list, the injected payload executes and grants full database...

CVSS 9.8, AI score 6, EPSS 0.00533
Exploits: 1, References: 3
SUSE CVE
added 2023/11/19 2:2 a.m., 3 views

SUSE CVE-2023-38711

An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6...

CVSS 7.5, AI score 7, EPSS 0.00691
Exploits: 0, References: 2
NVD
added 2014/05/07 10:55 a.m., 18 views

CVE-2014-2891

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload...

CVSS 5, AI score 6.3, EPSS 0.02514
Exploits: 0, References: 6
OSV
added 2004/05/04 4:0 a.m., 3 views

DEBIAN-CVE-2004-0184

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as...

CVSS 5, AI score 6.8, EPSS 0.60346
Exploits: 4, References: 1