Eval Injection

Overview litdb is an A literature database tool with GPT integration. Affected versions of this package are vulnerable to Eval Injection via the parseschemadsl function in the extract.py file, which unsafely uses the eval function. This allows an attacker to execute arbitrary Python code on the...

Arbitrary Code Injection

Overview org.webjars.npm:happy-dom is a Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. It includes many web standards from WHATWG DOM and HTML. Affected versions of this package are vulnerable to Arbitrary Code Injection due to default evaluation o...

Sql injection

mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...

CVE-2018-18476

mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...

mysql-binuuid-rails allows SQL Injection by removing default string escaping

mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns. ActiveRecord does not explicitly escape the Binary data type Type::Binary::Data for mysql. mysql-binuuid-rails uses a data type that is derived from the base Binary...

MySQL and SQL field truncated vulnerability-vulnerability warning-the black bar safety net

The current Web developers certainly have a lot of people did not notice the author mentioned these two issues. The first problem is that, MySQL by default has a configuration parameters maxpacketsize, this parameter is used to limit the MySQL client and the MySQL server end of the data...

SNMP Default Community String (deprecated)

Binary data 1368.prm...