Lucene search
K

74 matches found

OSV
OSV
added 2024/11/20 5:21 p.m.6 views

DRUPAL-CORE-2024-004

Drupal's uniqueness checking for certain user fields is inconsistent depending on the database engine and its collation. As a result, a user may be able to register with the same email address as another user. This may lead to data integrity issues...

8.1CVSS6.7AI score0.00408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.5 views

PT-2025-14094

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 5.0.31 MongoDB Server versions prior to 6.0.20 MongoDB Server versions prior to 7.0.14 MongoDB Server versions prior to 7.3.4 Description A user authorized to access a view may be able to alter the intended...

9.8CVSS6.5AI score0.00414EPSS
Exploits0References35
RedHat Linux
RedHat Linux
added 2024/09/05 2:13 p.m.5 views

python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django

A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match...

4.9CVSS5.7AI score0.00581EPSS
Exploits0References5
OSV
OSV
added 2024/06/25 7:15 p.m.5 views

CVE-2024-37820

A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...

5.4CVSS6.1AI score0.00377EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/06/10 6:41 p.m.3 views

python-social-auth: Improper Handling of Case Sensitivity in social-auth-app-django

A flaw was found in social-auth-app-django. In affected versions of this package, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match...

4.9CVSS5.7AI score0.00581EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/05/08 2:32 p.m.27 views

Vitess vulnerable to infinite memory consumption and vtgate crash

Summary When executing the following simple query, the vtgate will go into an endless loop that also keeps consuming memory and eventually will OOM. Details When running the following query, the evalengine will try evaluate it and runs forever. select utf16 0xFF The source of the bug lies in the...

4.9CVSS7.2AI score0.00751EPSS
Exploits0References9Affected Software2
SUSE CVE
SUSE CVE
added 2024/04/25 11:11 p.m.5 views

SUSE CVE-2024-32879

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed b...

4.9CVSS6.9AI score0.00581EPSS
Exploits0References3
OSV
OSV
added 2024/04/24 8:15 p.m.3 views

DEBIAN-CVE-2024-32879

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed b...

4.9CVSS5.9AI score0.00581EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/04/24 7:42 p.m.31 views

CVE-2024-32879

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed b...

4.9CVSS5.9AI score0.00581EPSS
Exploits0
CVE
CVE
added 2024/04/24 7:42 p.m.184 views

CVE-2024-32879

Python Social Auth Django contains a vulnerability (CVE-2024-32879) where third-party authentication user IDs are not case-sensitive due to the database collation before version 5.4.1, allowing mismatched IDs to be treated as equal. The issue is mitigated by upgrading to 5.4.1, which fixes the im...

4.9CVSS6.5AI score0.00581EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/24 7:42 p.m.29 views

CVE-2024-32879 social-auth-app-django Improper Handling of Case Sensitivity vulnerability

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed b...

4.9CVSS5.4AI score0.00581EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/24 7:42 p.m.22 views

CVE-2024-32879 social-auth-app-django Improper Handling of Case Sensitivity vulnerability

Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed b...

4.9CVSS5.1AI score0.00581EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.4 views

PT-2024-2179 · Unknown +2 · Mysql Server +2

Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.8.3 Description: The password reset mechanism of the Directus backend allows attackers to receive a password reset email of a victim user, specifically having it arrive at a similar email address as the victim wi...

8.5CVSS7AI score0.00702EPSS
Exploits1References16
NVD
NVD
added 2023/07/11 8:15 a.m.24 views

CVE-2023-23997

Cross-Site Request Forgery CSRF vulnerability in Dave Jesch Database Collation Fix plugin = 1.2.7 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2023/07/11 8:15 a.m.4 views

CVE-2023-23997

Cross-Site Request Forgery CSRF vulnerability in Dave Jesch Database Collation Fix plugin = 1.2.7 versions...

8.8CVSS7.3AI score0.00256EPSS
Exploits0References1
Prion
Prion
added 2023/07/11 8:15 a.m.13 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Dave Jesch Database Collation Fix plugin = 1.2.7 versions...

6.8CVSS8.7AI score0.00256EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/07/11 7:39 a.m.41 views

CVE-2023-23997

CVE-2023-23997 affects the WordPress Database Collation Fix plugin (

8.8CVSS6.5AI score0.00256EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/11 7:39 a.m.20 views

CVE-2023-23997 WordPress Database Collation Fix Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Dave Jesch Database Collation Fix plugin = 1.2.7 versions...

4.3CVSS7.1AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/11 12:0 a.m.4 views

WordPress Plugin Database Collation Fix 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

8.8CVSS8.1AI score0.00256EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/07/11 12:0 a.m.12 views

Database Collation Fix < 1.2.8 - Cross-Site Request Forgery

Cross-Site Request Forgery CSRF vulnerability in Dave Jesch Database Collation Fix plugin = 1.2.7 versions...

8.8CVSS6.9AI score0.00256EPSS
Exploits0Affected Software1
Rows per page
Query Builder