Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/01/16 7:20 p.m.11 views

ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection

ActiveRecord-JDBC-Adapter AR-JDBC contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or...

7.8AI score
Exploits0References5Affected Software1
Wolfi
Wolfi
added 2025/12/07 7:47 p.m.11 views

CVE-2025-61727 vulnerabilities

Vulnerabilities for packages: kube-bench, thanos-operator, falco-no-driver, helm-operator, nri-mssql, secrets-store-csi-driver-provider-azure, rancher, kargo, terraform-provider-time, mongodb-kubernetes-operator, nri-couchbase, steampipe, paranoia, grafana-image-renderer, stakater-reloader,...

6.5CVSS6.8AI score0.00274EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/07/19 12:0 a.m.7 views

The vulnerability of the wireless adapter for Xbox Windows operating systems, allowing a hacker to execute arbitrary code

The vulnerability of the wireless adapter in Xbox Windows operating systems relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malicious link or malicious file...

7.1CVSS6.5AI score0.01001EPSS
Exploits0References2
OSV
OSV
added 2022/08/25 9:21 p.m.16 views

MGASA-2022-0305 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.62 and fixes at least the following security issues: A use-after-free flaw was found in the Linux kernel Atheros wireless adapter driver in the way a user forces the ath9khtcwaitfortarget function to fail with some input messages. This flaw allows a...

7.8CVSS7.5AI score0.12746EPSS
Exploits14References7
Rows per page
Query Builder