11 matches found
Splunk Enterprise 9.3.0 < 9.3.12, 9.4.0 < 9.4.11, 10.0.0 < 10.0.6, 10.2 < 10.2.3 (SVD-2026-0505)
The version of Splunk installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0505 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr,...
Expr Security Vulnerability
Expr is an expression language and expression evaluation for Go open-sourced by Expr. A security vulnerability exists in versions of Expr prior to 1.17.7, which stems from multiple built-in functions that do not enforce maximum recursion depth, potentially resulting in a stack overflow and proces...
CVE-2025-63604
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the executequery method. The vulnerability stems from the exposure of dangerous Python built-in functions import, getattr, hasattr in...
Unsafe Deserialization
picklescan is vulnerable to Unsafe deserialization. The vulnerability is due to the ability to exploit built-in functions in the NumPy library that indirectly invoke dangerous functions like exec, allowing execution of arbitrary Python or OS commands...
CVE-2025-30143
Rule 3000216 before version 2 in Akamai App & API Protector with Akamai ASE before 2024-12-10 does not properly consider JavaScript variable assignment to built-in functions and properties...
IBM Db2 Input Validation Error Vulnerability
IBM Db2 is a relational database management system from International Business Machines (IBM). The system executes on UNIX, Linux, IBM i, z/OS, and Windows server versions. IBM DB2 suffers from an input validation error vulnerability that stems from the susceptibility to denial-of-service attacks wh...
[SECURITY] Fedora 39 Update: libclc-17.0.2-1.fc39
libclc is an open source, BSD licensed implementation of the library requirements of the OpenCL C programming language, as specified by the OpenCL 1.1 Specification. The following sections of the specification impose library requirements: 6.1: Supported Data Types 6.2.3: Explicit Conversions...
Vyper Buffer Error Vulnerability
Vyper is the Pythonic smart contract language for EVM. A buffer error vulnerability exists in versions of Vyper prior to 0.3.10, which stems from the fact that the memory used by the built-in functions create_from_blueprint and possibly create_copy_of can become corrupted under certain circumstances...
Protection Mechanism Bypass
github.com/open-policy-agent/opa is vulnerable to a protection mechanism bypass. A remote attacker is able to bypass the protection set by WithUnsafeBuiltins function via use of the with keyword to create replicas of unsafe built-in functions...
CVE-2022-36085 OPA Compiler: Bypass of WithUnsafeBuiltins using `with` keyword to mock functions
Open Policy Agent (OPA) is an open source, general-purpose policy engine. The Rego compiler provides a deprecated WithUnsafeBuiltins function, which allows users to provide a set of built-in functions that should be deemed unsafe — and as such rejected — by the compiler if encountered in the policy...
FANUC 18-MB Control System
Binary data 764772.prm...