59 matches found
EUVD-2024-35387
Malicious code in bioql PyPI...
EUVD-2022-37871
Malicious code in bioql PyPI...
EUVD-2022-7269
Malicious code in bioql PyPI...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2024-33809
PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks...
CVE-2024-35618
PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer...
SUSE CVE-2024-37820
A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...
GO-2024-3284 PingCAP TiDB nil pointer dereference in github.com/pingcap/tidb
PingCAP TiDB nil pointer dereference in github.com/pingcap/tidb. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41433
CVE-2024-41433 affects PingCAP TiDB 8.1.0, with a buffer overflow in the component expression.ExplainExpressionList. The vulnerability could allow an attacker to induce a Denial of Service via crafted input. PingCAP notes that the reproduced issue did not cause service interruption for other user...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
PingCAP TiDB 安全漏洞
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v8.1.0, which stems from a buffer overflow issue contained in the...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 is affected by a buffer overflow in the (*Column).GetDecimal path that can enable a Denial of Service via crafted input to RemoveUnnecessaryFirstRow. The issue arises because the code checks the expression between Agg and GroupBy but does not verify the return type. PingCAP di...