CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/02/05 12:0 a.m.•25 views

CVE-2024-57699

7.5AI score0.00058EPSS

Exploits0References2

NVD•added 2025/01/27 11:15 a.m.•9 views

CVE-2025-0695

An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input...

5.3CVSS0.00085EPSS

CVE•added 2025/01/27 11:12 a.m.•52 views

CVE-2025-0696

CVE-2025-0696 affects Cesanta Frozen prior to 1.7. The vulnerability is a NULL Pointer Dereference in the JSON input processing path that can crash the component embedding the library. Impact is a LOW availability hit with no confidentiality or integrity impact according to the CVSS vector in the...

5.3CVSS6.8AI score0.00085EPSS

Vulnrichment•added 2025/01/27 11:11 a.m.•5 views

CVE-2025-0695

5.3CVSS5.2AI score0.00085EPSS

CVE•added 2025/01/27 11:11 a.m.•49 views

CVE-2025-0695

CVE-2025-0695 affects Cesanta Frozen library prior to version 1.7. The vulnerability is an unbounded Allocation of Resources Without Limits or Throttling, allowing an attacker to crash the component embedding the library by supplying malicious JSON input. Affected scope is Cesanta Frozen versions

5.3CVSS6.8AI score0.00085EPSS

Positive Technologies•added 2025/01/27 12:0 a.m.•3 views

PT-2025-4004 · Cesanta · Cesanta Frozen

Name of the Vulnerable Software and Affected Versions: Cesanta Frozen versions less than 1.7 Description: An Allocation of Resources Without Limits or Throttling issue allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input...

5.3CVSS7.2AI score0.00085EPSS

Exploits0References5

RedHat Linux•added 2024/11/12 9:6 a.m.•7 views

Moderate: Red Hat Security Advisory: python3.11-PyMySQL security update

An update for python3.11-PyMySQL is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RedHat Linux•added 2024/11/12 8:56 a.m.•2 views

Exploits1References3

python-pymysql: SQL injection if used with untrusted JSON input

A flaw was found in PyMySQL. When processing untrusted JSON input, keys are not escaped by the escapedict function due to insufficient input sanitization, allowing an attacker to inject malicious SQL queries...

6.3CVSS5.8AI score0.001EPSS

Tenable Nessus•added 2024/11/12 12:0 a.m.•7 views

RHEL 9 : python3.11-PyMySQL (RHSA-2024:9194)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9194 advisory. This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy,...

Tenable Nessus•added 2024/11/12 12:0 a.m.•7 views

Exploits1References6

RHEL 9 : python3.12-PyMySQL (RHSA-2024:9193)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9193 advisory. This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy,...

AlmaLinux•added 2024/11/12 12:0 a.m.•8 views

Exploits1References6

Moderate: python3.12-PyMySQL security update

This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython. Security Fixes: python-pymysql: SQL injection if used with untrusted JSON input CVE-2024-36039 For more details about the...

6.3CVSS7AI score0.001EPSS

OSV•added 2024/11/12 12:0 a.m.•7 views

ALSA-2024:9194 Moderate: python3.11-PyMySQL security update

OSV•added 2024/11/12 12:0 a.m.•11 views

ALSA-2024:9193 Moderate: python3.12-PyMySQL security update

OpenVAS•added 2024/08/20 12:0 a.m.•10 views

openSUSE Security Advisory (SUSE-SU-2024:1855-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.5AI score0.001EPSS

IBM Security Bulletins•added 2024/08/14 1:9 p.m.•13 views

Security Bulletin: PyMySQL allows SQL injection [CVE-2024-36039]

Summary PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escapedict. Vulnerability Details CVEID:CVE-2024-36039 DESCRIPTION: PyMySQL is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which cou...

6.3CVSS7.1AI score0.001EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2024/08/03 1:1 p.m.•24 views

Security Bulletin: Denial of Service vulnerability affect IBM Business Automation Workflow - CVE-2023-33008

Summary IBM Business Automation Workflow is vulnerable to a Denial of Service attack. Vulnerability Details CVEID:CVE-2023-33008 DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON input, a...

5.3CVSS5.6AI score0.00158EPSS

Exploits0Affected Software2

RedHat Linux•added 2024/07/02 3:29 p.m.•14 views

Moderate: Red Hat Security Advisory: python3.11-PyMySQL security update

An update for python3.11-PyMySQL is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RedHat Linux•added 2024/07/02 3:24 p.m.•3 views

Exploits1References2

python-pymysql: SQL injection if used with untrusted JSON input

6.3CVSS5.8AI score0.001EPSS