287 matches found
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the quote function that fails to properly escape special characters. An attacker can execute arbitrary SQL commands by supplying specially crafted input values for database name or table names. Remediation Upgrade...
CVE-2025-62228
CVE-2025-62228 affects Apache Flink CDC: version 3.4.0 is vulnerable to SQL injection via maliciously crafted identifiers (e.g., database or table names). The issue can be triggered by a logged-in database user, with remediation to upgrade to 3.5.0 (or apply fixes per advisories). Connected docum...
CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers
Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...
CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers
Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...
Apache Flink CDC SQL注入漏洞
Apache Flink CDC is a real-time data capture framework from the Apache Foundation. An SQL injection vulnerability exists in Apache Flink CDC version 3.4.0, which stems from improper handling of specially crafted identifiers such as database names or table names, which could lead to SQL injection...
SUSE CVE-2023-53667
In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...
Linux Distros Unpatched Vulnerability : CVE-2023-53667
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated min value, but greater...
UBUNTU-CVE-2023-53667
In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...
EUVD-2025-32749
In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986965)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986965 advisory. In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-402478)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-402478 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that...
PT-2025-41111
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.106-syzkaller-00249-g19c0ed55a470 Description The Linux kernel contains a flaw within the cdc ncm module related to handling excessively small values of dwNtbOutMaxSize. Specifically, the cdc ncm check tx ma...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987254)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987254 advisory. In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if...
CLSA-2025-1759432250 kernel: Fix of 36 CVEs
ASoC: topology: Clean up route loading CVE-2024-41069 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - Bluetooth: L2CAP: Fix not validating setsockopt user input CVE-2024-35965 - Bluetooth: L2CAP:...
Malicious code in cdc-indicator (npm)
The package cdc-indicator was found to contain malicious code...
MAL-2025-16691 Malicious code in cdc-indicator (npm)
The package cdc-indicator was found to contain malicious code...
SUSE CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
DEBIAN-CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...
UBUNTU-CVE-2023-53110
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...