Lucene search

2678 matches found

OSV
added 2021/01/19 7:36 p.m. · 19 views

GHSA-3P32-J457-PG5X Query Binding Exploitation

Description: Laravel versions 6.20.12, 7.30.3 & 8.22.1 contain a query binding exploitation. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected...

7.2 CVSS · 5.7 AI score · 0.01605 EPSS
Exploits: 0 · References: 9

Github Security Blog
added 2021/01/19 7:36 p.m. · 119 views

Query Binding Exploitation

Description: Laravel versions 6.20.12, 7.30.3 & 8.22.1 contain a query binding exploitation. If a request is crafted where a field that is normally a non-array value is an array, and that input is not validated or cast to its expected type before being passed to the query builder, an unexpected...

7.2 CVSS · 0.5 AI score · 0.01605 EPSS
Exploits: 0 · References: 10 · Affected Software: 2

CNNVD
added 2021/01/19 12:0 a.m. · 3 views

Laravel Framework SQL Injection Vulnerability

Laravel Framework is a PHP-based web application development framework by Taylor Otwell, an individual developer. Laravel Framework suffers from a SQL injection vulnerability that stems from a query binding exploit that causes the query builder to not return any results. The following products an...

7.2 CVSS · 5.8 AI score · 0.01605 EPSS
Exploits: 0 · References: 5

Microsoft KB
added 2021/01/12 8:0 a.m. · 52 views

January 12, 2021—KB4598229 (OS Build 18363.1316) - EXPIRED

January 12, 2021—KB4598229 OS Build 18363.1316 - EXPIRED NEW 8/5/21 EXPIRATION NOTICE IMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality...

9.8 CVSS · 8.1 AI score · 0.07274 EPSS
Exploits: 2

CNVD
added 2021/01/07 12:0 a.m. · 1 views

Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03346)

FasterXML jackson-databind is a generic data binding package for Jackson 2.x. A security vulnerability exists in FasterXML jackson-databind. No details of the vulnerability are provided at this time...

8.1 CVSS · 9.1 AI score · 0.05218 EPSS
Exploits: 1 · References: 1

CNVD
added 2021/01/07 12:0 a.m. · 5 views

Unspecified vulnerability in FasterXML jackson-databind (CNVD-2021-03342)

FasterXML jackson-databind is a generic data binding package for Jackson 2.x. FasterXML jackson-databind suffers from a security vulnerability; no details of the vulnerability are provided at this time...

8.8 CVSS · 9.2 AI score · 0.05018 EPSS
Exploits: 2 · References: 1

CNNVD
added 2021/01/06 12:0 a.m. · 4 views

FasterXML jackson-databind Code Issue Vulnerability

FasterXML jackson-databind is a generic data binding package for Jackson 2.x. A security vulnerability exists in FasterXML jackson-databind. No details of the vulnerability are provided at this time...

8.1 CVSS · 7 AI score · 0.0489 EPSS
Exploits: 1 · References: 31

CNNVD
added 2021/01/06 12:0 a.m. · 3 views

FasterXML jackson-databind Code Issue Vulnerability

FasterXML jackson-databind is a generic data binding package for Jackson 2.x. FasterXML jackson-databind has a security vulnerability, and no detailed vulnerability details are provided at this time...

8.8 CVSS · 6.9 AI score · 0.10379 EPSS
Exploits: 1 · References: 31

CNVD
added 2021/01/06 12:0 a.m. · 7 views

Rust Resource Management Error Vulnerability (CNVD-2021-37532)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust libpulse-binding crate versions prior to 2.5.0, which stems from proplist::Iterator leading to use-after-free. No detailed vulnerability details are provid...

6.5 CVSS · 6.5 AI score · 0.00988 EPSS
Exploits: 1 · References: 1

OSV
added 2020/12/31 10:15 a.m. · 11 views

CVE-2018-25001

An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free...

6.5 CVSS · 7.1 AI score
Exploits: 0 · References: 1

NVD
added 2020/12/31 10:15 a.m. · 25 views

CVE-2018-25001

An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free...

6.5 CVSS · 6.4 AI score · 0.00988 EPSS
Exploits: 1 · References: 1

Prion
added 2020/12/31 10:15 a.m. · 15 views

Design/Logic Flaw

An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free...

4 CVSS · 6.4 AI score · 0.00988 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2020/12/31 8:33 a.m. · 62 views

CVE-2018-25001

The CVE-2018-25001 issue affects the Rust crate libpulse-binding prior to version 2.5.0, where proplist::Iterator can cause a use-after-free by mismanaging the lifetime between Proplist and its iterator. Public references and advisories (e.g., GHSA-f56g-chqp-22m9 and GHSA-6GVC-4JVJ-PWQ4) describe...

6.5 CVSS · 6.3 AI score · 0.00988 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

Cvelist
added 2020/12/31 8:33 a.m. · 28 views

CVE-2018-25001

An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free...

6.4 AI score · 0.00988 EPSS
Exploits: 1 · References: 1

CNNVD
added 2020/12/31 12:0 a.m. · 3 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust libpulse-binding crate versions prior to 2.5.0, which stems from proplist::Iterator leading to use-after-free. No detailed vulnerability details are provid...

6.5 CVSS · 5.8 AI score · 0.00988 EPSS
Exploits: 1 · References: 1

CNVD
added 2020/12/25 12:0 a.m. · 3 views

Command execution vulnerability exists in FasterXML jackson-databind (CNVD-2021-00629)

FasterXML Jackson is a set of Java data processing tools from the U.S. company FasterXML. jackson-databind is one of its components, with data binding capabilities. A command execution vulnerability exists in FasterXML jackson-databind, which can be exploited by an attacker to execute arbitrary commands...

7.9 AI score
Exploits: 0

CNVD
added 2020/12/25 12:0 a.m. · 3 views

Command execution vulnerability exists in FasterXML jackson-databind (CNVD-2021-00625)

FasterXML Jackson is a set of Java data processing tools from the U.S. company FasterXML. jackson-databind is one of its components, with data binding capabilities. A command execution vulnerability exists in FasterXML jackson-databind, which can be exploited by an attacker to execute arbitrary commands...

7.9 AI score
Exploits: 0

RedHat Linux
added 2020/12/16 12:11 p.m. · 5 views

thrift: Endless loop when fed with specific input data

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when fed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

7.8 CVSS · 7.3 AI score · 0.09082 EPSS
Exploits: 0 · References: 4

Ubuntu
added 2020/12/09 1:28 p.m. · 66 views

USN-4666-1: lxml vulnerability

It was discovered that lxml incorrectly handled certain HTML. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks...

6.1 CVSS · 7 AI score · 0.03934 EPSS
Exploits: 1

Positive Technologies
added 2020/12/08 12:0 a.m. · 2 views

PT-2020-6873 · Unknown +6 · 389-Ds-Base +6

Name of the Vulnerable Software and Affected Versions: 389-ds-base (affected versions not specified). Description: The issue allows an unauthenticated attacker to check the existence of an entry in the LDAP database by exploiting the different replies from 389-ds-base when binding against a DN durin...

6.5 CVSS · 6.6 AI score · 0.01581 EPSS
Exploits: 0 · References: 43