51 matches found
EUVD-2022-37871
Malicious code in bioql PyPI...
EUVD-2022-7269
Malicious code in bioql PyPI...
EUVD-2024-35387
Malicious code in bioql PyPI...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service (DoS) via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2024-33809
PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks...
CVE-2024-35618
PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer...
SUSE CVE-2024-37820
A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...
GO-2024-3284 PingCAP TiDB nil pointer dereference in github.com/pingcap/tidb
PingCAP TiDB nil pointer dereference in github.com/pingcap/tidb. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an...
CVE-2024-41434
PingCAP TiDB v8.1.0 is affected by a buffer overflow in the (*Column).GetDecimal path that can enable a Denial of Service via crafted input to RemoveUnnecessaryFirstRow. The issue arises because the code checks the expression between Agg and GroupBy but does not verify the return type. PingCAP di...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service (DoS) via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service (DoS) via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
PingCAP TiDB security vulnerability
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v8.1.0, which stems from a buffer overflow issue contained in the...
GHSA-9G6G-XQV5-8G5W PingCAP TiDB nil pointer dereference
A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...
CVE-2024-37820
A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...
CVE-2024-37820
A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...
CVE-2024-37820
CVE-2024-37820: A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b can crash the application via expression.inferCollation. Public references reiterate the crash vector but do not provide official fixes in the connected documents. Exploit specifics and remediation are not include...