Lucene search
K

287 matches found

Snyk
Snyk
added 2025/10/09 1:42 p.m.2 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the quote function that fails to properly escape special characters. An attacker can execute arbitrary SQL commands by supplying specially crafted input values for database name or table names. Remediation Upgrade...

8.8CVSS8.6AI score0.00424EPSS
Exploits0References2
CVE
CVE
added 2025/10/09 1:15 p.m.498 views

CVE-2025-62228

CVE-2025-62228 affects Apache Flink CDC: version 3.4.0 is vulnerable to SQL injection via maliciously crafted identifiers (e.g., database or table names). The issue can be triggered by a logged-in database user, with remediation to upgrade to 3.5.0 (or apply fixes per advisories). Connected docum...

8.8CVSS7.5AI score0.00424EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/10/09 1:15 p.m.8 views

CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers

Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...

5.1CVSS0.00424EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/09 1:15 p.m.3 views

CVE-2025-62228 Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC, Apache Flink CDC: SQL injection via maliciously crafted identifiers

Apache Flink CDC version 3.4.0 was vulnerable to a SQL injection via maliciously crafted identifiers eg. crafted database name or crafted table name. Even through only the logged-in database user can trigger the attack, we recommend users update Flink CDC version to 3.5.0 which address this issue...

5.1CVSS7.5AI score0.00424EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.5 views

Apache Flink CDC SQL注入漏洞

Apache Flink CDC is a real-time data capture framework from the Apache Foundation. An SQL injection vulnerability exists in Apache Flink CDC version 3.4.0, which stems from improper handling of specially crafted identifiers such as database names or table names, which could lead to SQL injection...

8.8CVSS7.5AI score0.00424EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/10/08 11:30 p.m.5 views

SUSE CVE-2023-53667

In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...

6.1CVSS6.4AI score0.00137EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/10/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53667

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated min value, but greater...

5.5CVSS6.2AI score0.00137EPSS
Exploits0References3
OSV
OSV
added 2025/10/07 4:15 p.m.4 views

UBUNTU-CVE-2023-53667

In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 3:21 p.m.5 views

EUVD-2025-32749

In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...

5.9AI score0.00137EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986965 advisory. In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0...

5.5CVSS6AI score0.00213EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.9 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-402478)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-402478 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages The syzbot fuzzer found that...

5.5CVSS6.2AI score0.00294EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-41111

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.106-syzkaller-00249-g19c0ed55a470 Description The Linux kernel contains a flaw within the cdc ncm module related to handling excessively small values of dwNtbOutMaxSize. Specifically, the cdc ncm check tx ma...

6.3AI score0.00137EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987254)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987254 advisory. In the Linux kernel, the following vulnerability has been resolved: net: cdceem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eemtxfixup, if...

5.5CVSS6.6AI score0.00228EPSS
Exploits0References4
OSV
OSV
added 2025/10/02 7:10 p.m.9 views

CLSA-2025-1759432250 kernel: Fix of 36 CVEs

ASoC: topology: Clean up route loading CVE-2024-41069 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - Bluetooth: L2CAP: Fix not validating setsockopt user input CVE-2024-35965 - Bluetooth: L2CAP:...

7.8CVSS7.3AI score0.0788EPSS
Exploits16References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in cdc-indicator (npm)

The package cdc-indicator was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.0 views

MAL-2025-16691 Malicious code in cdc-indicator (npm)

The package cdc-indicator was found to contain malicious code...

7.2AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/05/03 2:50 a.m.3 views

SUSE CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.4 views

CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

5.5CVSS6.1AI score0.00165EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

DEBIAN-CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

5.5CVSS5.5AI score0.00165EPSS
Exploits0References1
OSV
OSV
added 2025/05/02 4:15 p.m.1 views

UBUNTU-CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbufdesc in smccdctxhandler When performing a stress test on SMC-R by rmmod mlx5ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

5.5CVSS6.1AI score0.00165EPSS
Exploits0References8
Rows per page
Query Builder