Lucene search
+L

93 matches found

NVD
NVD
added 2023/08/14 7:15 p.m.13 views

CVE-2023-28480

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions UDFs from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An...

6.5CVSS6.6AI score0.00534EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/08/14 7:15 p.m.3 views

CVE-2023-28480

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions UDFs from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An...

6.5CVSS6AI score0.00534EPSS
Exploits1References2
OSV
OSV
added 2023/08/14 7:15 p.m.9 views

CVE-2023-28483

An issue was discovered in Tigergraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL querie...

8.8CVSS5.8AI score0.00741EPSS
Exploits1References1
OSV
OSV
added 2023/08/14 7:15 p.m.9 views

CVE-2023-28480

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions UDFs from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An...

6.5CVSS5.9AI score0.00534EPSS
Exploits1References1
Prion
Prion
added 2023/08/14 7:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions UDFs from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An...

4CVSS6.5AI score0.00534EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/14 12:0 a.m.15 views

CVE-2023-28480

An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform allows users to define new User Defined Functions UDFs from C/C++ code. To support this functionality TigerGraph allows users to upload custom C/C++ code which is then compiled and installed into the platform. An...

7.1AI score0.00534EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.7 views

PT-2023-21753 · Tigergraph · Tigergraph Enterprise

Name of the Vulnerable Software and Affected Versions: Tigergraph Enterprise version 3.7.0 Description: An issue was discovered in the GSQL query language, which allows users to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable v...

8.8CVSS8.6AI score0.00741EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.7 views

PT-2023-21750 · Tigergraph · Tigergraph Enterprise

Name of the Vulnerable Software and Affected Versions: Tigergraph Enterprise version 3.7.0 Description: An issue was discovered in the TigerGraph platform, which allows users to define new User Defined Functions UDFs from C/C++ code. This functionality enables users to upload custom C/C++ code,...

6.5CVSS6.4AI score0.00534EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/02/27 12:0 a.m.4 views

PT-2023-9609 · Mariadb Foundation · Mariadb

Name of the Vulnerable Software and Affected Versions: MariaDB version 10.5 Description: The issue is related to a remote code execution vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. This vulnerability is associated with insufficient input...

9.8CVSS8.6AI score0.02098EPSS
Exploits2References21
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.3 views

SUSE CVE-2005-2558

Stack-based buffer overflow in the initsyms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long functionname field...

4.6CVSS8.1AI score0.02328EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:9 a.m.4 views

SUSE CVE-2016-0608

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via vectors related to UDF...

3.5CVSS6.1AI score0.03404EPSS
Exploits0References38
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.4 views

SUSE CVE-2021-44521

When running Apache Cassandra with the following configuration: enableuserdefinedfunctions: true enablescripteduserdefinedfunctions: true enableuserdefinedfunctionsthreads: false it is possible for an attacker to execute arbitrary code on the host. The attacker would need to have enough permissio...

9.1CVSS9.4AI score0.54889EPSS
Exploits7References3
CNNVD
CNNVD
added 2022/12/12 12:0 a.m.3 views

SQLite 安全漏洞

SQLite is a lightweight database that is an ACID compliant relational database management system. A security vulnerability exists in SQLite 3.40.0 and prior versions that stems from not properly implementing the azProhibitedFunctions protection mechanism when relying on --safe to execute untruste...

7.3CVSS6.5AI score0.00425EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.3 views

PT-2022-6939 · Sqlite +3 · Sqlite +3

Name of the Vulnerable Software and Affected Versions: SQLite versions prior to 3.40.0 Description: The issue is related to errors in the implementation of the azAllowedFunctions protection mechanism in the SQLite database management system's command-line interface. This could allow an attacker t...

7.3CVSS6.8AI score0.01249EPSS
Exploits2References57
GithubExploit
GithubExploit
added 2022/12/03 9:35 p.m.23 views

Exploit for Incorrect Permission Assignment for Critical Resource in Apache Cassandra

CVE-2021-44521 Automated PoC of CVE-2021-44521 Credits to orig...

9.1CVSS7.4AI score0.54889EPSS
Exploits7
ATTACKERKB
ATTACKERKB
added 2022/09/05 4:15 p.m.4 views

CVE-2022-30331

The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...

8.8CVSS7.6AI score0.00906EPSS
Exploits0References4
OSV
OSV
added 2022/09/05 4:15 p.m.8 views

CVE-2022-30331

The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...

8.8CVSS6AI score0.00906EPSS
Exploits0References3
PyPA
PyPA
added 2022/09/05 4:15 p.m.9 views

PYSEC-2022-43064

The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...

8.8CVSS7.4AI score0.00906EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2022/09/05 4:15 p.m.12 views

Code injection

DISPUTED The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...

6.5CVSS8.8AI score0.00906EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/09/05 4:15 p.m.5 views

PYSEC-2022-43064

The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...

8.8CVSS6.1AI score0.00906EPSS
Exploits0References3
Rows per page
Query Builder