CVE-2026-13752

Snowflake CLI prior to v3.19 allows SQL injection via improper neutralization of parameters in certain command paths (e.g., secret creation and SPCS service log commands). An attacker could supply crafted values through vulnerable inputs or misconfigured/mined automation to reach vulnerable param...

CVE-2026-13749

Improper neutralization in the Snowpark annotation processor callback template in Snowflake CLI versions prior to 3.19 allowed arbitrary code execution during application bundling or deployment. An attacker could exploit this by supplying crafted project content that is interpolated into generate...

CVE-2026-13744 Snowflake CLI SQL Injection Through Improper Neutralization of User-Controlled Input

Improper neutralization of attacker-controlled content in Snowflake CLI versions prior to 3.19 allowed unintended SQL execution. By supplying crafted repository content, project configuration, manifest data, or specification input, an attacker could cause Snowflake CLI to execute unintended SQL i...

ROOT-OS-ALPINE-319-CVE-2024-41957 CVE-2024-41957 in rootio-vim - Patched by Root

Root has patched CVE-2024-41957 in the rootio-vim package for Root:Alpine:3.19. Multiple fixed versions available...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001966 advisory. net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information...

ROOT-OS-ALPINE-319-CVE-2024-54661 CVE-2024-54661 in rootio-socat - Patched by Root

Root has patched CVE-2024-54661 in the rootio-socat package for Root:Alpine:3.19. Multiple fixed versions available...

CVE-2025-8796

A vulnerability has been found in LitmusChaos Litmus up to 3.19.0 and classified as problematic. This vulnerability affects unknown code of the file /auth/deleteproject/ of the component Delete Request Handler. The manipulation of the argument projectID leads to missing authorization. The attack...

WordPress plugin TicketBAI Facturas para WooCommerce SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

CVE-2024-31084

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19...

WordPress plugin Media Library Assistant 操作系统命令注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An operating system command...

WordPress Media Library Assistant plugin <= 3.19 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Minh Giang & Christopher Houk Patchstack Alliance in WordPress Plugin Media LIbrary Assistant versions = 3.19...

GSD-2023-1001386 usb: gadget: f_hid: fix refcount leak on error path

usb: gadget: fhid: fix refcount leak on error path This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2022-1007264 drivers: serial: jsm: fix some leaks in probe

drivers: serial: jsm: fix some leaks in probe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...

PT-2022-35652 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.19 through 5.4.219 Description: A buffer overflow issue was discovered in the iommu/omap debugfs. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 3.19...

GSD-2022-1003130 drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()

drm/rockchip: vop: fix possible null-ptr-deref in vopbind This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.14 by commit...

Security Bulletin: NVIDIA GeForce Experience - May 2019

NVIDIA has released a software security update for NVIDIA® GeForce Experience™. This update addresses issues that may lead to information disclosure, escalation of privileges, denial of service, or code execution. To protect your system, download and install this software update through the GeFor...

PT-2014-9016 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.19 Description: The issue allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations. This can occur in two scenarios: 1 during an xattr-replacement time window,...

PT-2017-1994 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.19 Description: The issue is related to the mishandling of counter grouping in the Linux kernel, specifically in the kernel/events/core.c file. This allows local users to gain privileges via a crafted...