536 matches found

Prion
added 2023/05/25 8:15 p.m. · 62 views

Input validation

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...

4.4 CVSS · 7.5 AI score · 0.003 EPSS
Exploits 0 · References 4 · Affected Software 2
OSV
added 2023/05/25 8:15 p.m. · 3 views

UBUNTU-CVE-2023-0950

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...

7.8 CVSS · 6 AI score · 0.003 EPSS
Exploits 0 · References 4
Positive Technologies
added 2023/05/24 12:00 a.m. · 4 views

PT-2023-2958 · Document Foundation +9 · Libreoffice +9

Name of the Vulnerable Software and Affected Versions: LibreOffice versions 7.4.0 through 7.4.5; LibreOffice versions 7.5.0 through 7.5.0. Description: The issue is related to an improper validation of array index in the spreadsheet component, allowing an attacker to craft a malicious spreadsheet...

9.1 CVSS · 6.8 AI score · 0.65692 EPSS
Exploits 2 · References 92
SUSE CVE
added 2023/02/15 6:19 a.m. · 3 views

SUSE CVE-2005-0244

PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command...

6.5 CVSS · 6.6 AI score · 0.01968 EPSS
Exploits 0 · References 13
SUSE CVE
added 2023/02/15 4:41 a.m. · 3 views

SUSE CVE-2017-12678

In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file...

8.8 CVSS · 7.4 AI score · 0.02207 EPSS
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 3:26 a.m. · 7 views

SUSE CVE-2022-28346

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...

7.3 CVSS · 6.7 AI score · 0.18661 EPSS
Exploits 3 · References 7
RedHat Linux
added 2022/12/07 8:29 p.m. · 6 views

Django: SQL injection in QuerySet.annotate(), aggregate() and extra()

A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...

9.8 CVSS · 7.1 AI score · 0.18661 EPSS
Exploits 3 · References 5
Positive Technologies
added 2022/11/14 12:00 a.m. · 4 views

PT-2022-35485 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150. Description: The issue is related to the drm/meson driver in the Linux Kernel. It involves explicitly removing the aggregate driver at module unload time. The actual impact and attack plausibility have...

7.2 AI score
Exploits 0 · References 1
RedHat Linux
added 2022/09/13 9:57 a.m. · 3 views

mariadb: Crash executing query with VIEW, aggregate and subquery

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW...

5.5 CVSS · 7.3 AI score · 0.00551 EPSS
Exploits 1 · References 4
RedHat Linux
added 2022/09/01 2:21 p.m. · 5 views

mariadb: Crash executing query with VIEW, aggregate and subquery

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW...

5.5 CVSS · 7.3 AI score · 0.00551 EPSS
Exploits 1 · References 4
OpenVAS
added 2022/08/26 12:00 a.m. · 7 views

Ubuntu: Security Advisory (USN-369-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 AI score
Exploits 0 · References 3
Snyk
added 2022/08/19 8:11 a.m. · 1 views

Malicious Package

Overview: usaa-template-mocks-aggregate is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...

9.8 CVSS · 7.1 AI score
Exploits 0 · References 3
OSSF Malicious Packages
added 2022/08/15 6:45 a.m. · 2 views

Malicious code in usaa-template-mocks-aggregate (npm)

Source: ghsa-malware (5c02da6001bfce43405f8bf2d1b55088f279cbc0d95e7badfd6f9178f1ffcd5f). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1
ThreatPost
added 2022/08/12 1:24 p.m. · 61 views

Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’

Users of Apple’s Instagram and Facebook iOS apps are being warned that both use an in-app browser that allows parent company Meta to track ‘every single tap’ users make with external websites accessed via the software. Researcher Felix Krause, who outlined how Meta tracks users in a blog posted...

6.7 AI score
Exploits 0 · References 8
RedHat Linux
added 2022/08/09 12:23 p.m. · 5 views

mariadb: Crash executing query with VIEW, aggregate and subquery

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW...

5.5 CVSS · 7.3 AI score · 0.00551 EPSS
Exploits 1 · References 4
RedHat Linux
added 2022/08/02 10:09 a.m. · 4 views

mariadb: MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr

MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr...

5.5 CVSS · 7.4 AI score · 0.004 EPSS
Exploits 1 · References 4
RedHat Linux
added 2022/07/28 4:06 p.m. · 4 views

mariadb: Crash executing query with VIEW, aggregate and subquery

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW...

5.5 CVSS · 7.3 AI score · 0.00551 EPSS
Exploits 1 · References 4
RedHat Linux
added 2022/07/25 7:53 p.m. · 2 views

Django: SQL injection in QuerySet.annotate(), aggregate() and extra()

A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...

9.8 CVSS · 7.1 AI score · 0.18661 EPSS
Exploits 3 · References 5
RedHat Linux
added 2022/07/25 6:33 p.m. · 1 views

Django: SQL injection in QuerySet.annotate(), aggregate() and extra()

A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...

9.8 CVSS · 7.1 AI score · 0.18661 EPSS
Exploits 3 · References 5
RedHat Linux
added 2022/07/05 2:41 p.m. · 5 views

Django: SQL injection in QuerySet.annotate(), aggregate() and extra()

A flaw was found in the Django package, which leads to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...

9.8 CVSS · 7.1 AI score · 0.18661 EPSS
Exploits 3 · References 5