ClickHouse 安全漏洞

ClickHouse is a ClickHouse open source one of the fastest and most resource efficient open source databases for real-time applications and analytics. A security vulnerability exists in ClickHouse that stems from the ability of an attacker to send a specially crafted request that crashes a server...

CVE-2024-41122 Custom environment variables allow to alter execution flow of plugins in Woodpecker

Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead to a host takeover that runs the agent executing the workflow. 2. Or allow to extract the secrets w...

NVIDIA ChatRTX 安全漏洞

NVIDIA ChatRTX is a content personalization chatbot from NVIDIA, USA. A security vulnerability exists in NVIDIA ChatRTX. An attacker exploited the vulnerability to alter the execution process by sending user input, which could lead to mismanagement of privileges issues...

BNC 2.2.4/2.4.6/2.4.8 - IRC Proxy Buffer Overflow (2)

/ source: https://www.securityfocus.com/bid/1927/info BNC's IRC Proxy is used as a gateway to an IRC server. A buffer stores a username which arguments the program's USER command. User-supplied input to this buffer is improperly checked for length. As a result, the excessive data copied onto the...