Lucene search
+L

36 matches found

Prion
Prion
added 2022/09/15 10:15 p.m.13 views

Authentication flaw

Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user-provided uncompressed length is correct. If user provides fake length, that is greater than the real one, part of...

5.1CVSS7.9AI score0.01019EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/09/15 9:20 p.m.62 views

CVE-2022-29240

The CVE-2022-29240 issue is an uninitialized memory read during LZ4 decompression of a CQL frame in Scylla. If a user supplies a forged uncompressed length, part of the decompression buffer can remain uninitialized, enabling exploitation based on privileges. Reported impacts include an authentica...

8.1CVSS8.1AI score0.01019EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.6 views

PT-2022-19490 · Scylla +2 · Scylla Enterprise +3

Name of the Vulnerable Software and Affected Versions: Scylla Enterprise versions prior to 2020.1.14 Scylla Enterprise versions prior to 2021.1.12 Scylla Enterprise version 2022.1.0 Scylla Open Source versions prior to 4.6.7 Scylla Open Source versions prior to 5.0.3 Description: Scylla is a...

8.1CVSS8.1AI score0.01019EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/11/03 12:0 a.m.34 views

Apache Cassandra CQL Shell Service Detection

Binary data apachecassandraremotedetection.nbin...

7.3AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/04/10 2:49 p.m.26 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS1.8AI score0.01858EPSS
Exploits1References1
NVD
NVD
added 2018/04/04 7:29 a.m.24 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS7.3AI score0.01858EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2018/04/04 7:29 a.m.21 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS6.8AI score0.01858EPSS
Exploits1References4
OSV
OSV
added 2018/04/04 7:29 a.m.3 views

DEBIAN-CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS8.7AI score0.01858EPSS
Exploits1References1
Prion
Prion
added 2018/04/04 7:29 a.m.20 views

Code injection

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

5CVSS7.3AI score0.01858EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/04/04 7:29 a.m.19 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS6.9AI score
Exploits0References3
Debian CVE
Debian CVE
added 2018/04/04 7:0 a.m.36 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS1.8AI score0.01858EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2018/04/04 7:0 a.m.53 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.5CVSS7.4AI score0.01858EPSS
Exploits1
CVE
CVE
added 2018/04/04 7:0 a.m.99 views

CVE-2018-9257

CVE-2018-9257 affects Wireshark 2.4.0–2.4.5 where the CQL dissector could enter an infinite loop. The root cause, as documented, is in epan/dissectors/packet-cql.c, mitigated by adding a check for a nonzero number of columns. The vulnerability details are supported by the NVD entry and related ad...

7.5CVSS7.2AI score0.01858EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2018/04/04 7:0 a.m.24 views

CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

7.3AI score0.01858EPSS
Exploits1References3
CNVD
CNVD
added 2018/04/04 12:0 a.m.4 views

Wireshark CQL Parser Infinite Loop Vulnerability

Wireshark formerly Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.CQL dissector is one of the CQL query language parsers. A security vulnerability exists i...

7.5CVSS6.7AI score0.01858EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2018/04/03 12:0 a.m.59 views

KLA11220 Multiple vulnerabilities in Wireshark

Multiple serious vulnerabilities have been found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. A vulnenerability related to MP4 dissector can be exploited remotely via specially designed packet or packet...

5.5CVSS6.4AI score0.01033EPSS
Exploits0References12
Rows per page
Query Builder