Lucene search

1001 matches found

RedhatCVE
added 2025/05/22 9:49 p.m. | 5 views

CVE-2022-30331

The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...

CVSS 8.8 | AI score 7.5 | EPSS 0.00873
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 4:33 p.m. | 8 views

CVE-2020-25234

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This...

CVSS 7.7 | AI score 6.5 | EPSS 0.00301
Exploits: 0
RedhatCVE
added 2025/05/22 12:27 a.m. | 5 views

CVE-2012-6565

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels...

CVSS 3.5 | AI score 5.5 | EPSS 0.00944
Exploits: 0 | References: 1
CNNVD
added 2025/05/21 12:0 a.m. | 3 views

Versa Concerto SD-WAN Security Vulnerability

Versa Concerto SD-WAN is an easy-to-use user interface from Versa for configuring and monitoring Versa OS devices in a secure SD-WAN. A security vulnerability exists in Versa Concerto SD-WAN versions 12.1.2 through 12.2.0, which stems from an authentication bypass in the Traefik Reverse Proxy...

CVSS 9.2 | AI score 9.4 | EPSS 0.83381
Exploits: 1 | References: 1
Packet Storm News
added 2025/05/21 12:0 a.m. | 4 views

AI-Driven Dynamic Firewall Optimization Using Reinforcement Learning for Anomaly Detection and Prevention

The growing complexity of cyber threats has rendered static firewalls increasingly ineffective for dynamic, real-time intrusion prevention. This paper proposes a novel AI-driven dynamic firewall optimization framework that leverages deep reinforcement learning (DRL) to autonomously adapt and update...

AI score 6.8
Exploits: 0
Tenable Nessus
added 2025/05/21 12:0 a.m. | 11 views

RHEL 8 / 9 : Red Hat Ceph Storage 6.1 update (Important) (RHSA-2025:4238)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4238 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...

CVSS 8.1 | AI score 7.4 | EPSS 0.00341
Exploits: 0 | References: 38
RedHat Linux
added 2025/05/14 2:49 p.m. | 14 views

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.3 Bug Fix Update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.18.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation...

CVSS 7.5 | AI score 6.8 | EPSS 0.00804
Exploits: 2 | References: 5
Snyk
added 2025/05/14 12:31 p.m. | 3 views

Arbitrary Code Injection

Overview org.apache.iotdb:iotdb-server is a data management system for time series data, which can provide users specific services, such as, data collection, storage and analysis. Affected versions of this package are vulnerable to Arbitrary Code Injection through the registration of user-defined...

CVSS 9.8 | AI score 8.1 | EPSS 0.01259
Exploits: 0 | References: 2
Snyk
added 2025/05/14 12:31 p.m. | 2 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection through the registration of user-defined functions (UDFs) from untrusted sources. An attacker with the privilege to create UDFs can execute arbitrary code by registering a malicious function. Remediation Upgrade...

CVSS 9.8 | AI score 8.1 | EPSS 0.01259
Exploits: 0 | References: 2
OSV
added 2025/05/14 12:31 p.m. | 7 views

GHSA-F4RQ-F4J9-F6RM Apache IoTDB Vulnerable to Remote Code Execution

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

CVSS 9.8 | AI score 7.4 | EPSS 0.01259
Exploits: 0 | References: 6
ATTACKERKB
added 2025/05/14 11:15 a.m. | 5 views

CVE-2024-24780

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

CVSS 9.8 | AI score 5.9 | EPSS 0.01259
Exploits: 0 | References: 2 | Affected Software: 1
PyPA
added 2025/05/14 11:15 a.m. | 8 views

PYSEC-2025-59

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes the...

CVSS 9.8 | AI score 7.5 | EPSS 0.01259
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2025/05/14 10:42 a.m. | 29 views

CVE-2024-24780 Apache IoTDB: Remote Code Execution with untrusted URI of User-defined function

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

EPSS 0.01259
Exploits: 0 | References: 1
Vulnrichment
added 2025/05/14 10:42 a.m. | 12 views

CVE-2024-24780 Apache IoTDB: Remote Code Execution with untrusted URI of User-defined function

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

AI score 9.7 | EPSS 0.01259
Exploits: 0 | References: 1
Packet Storm News
added 2025/05/14 12:0 a.m. | 5 views

Optimizing DDoS Detection in SDNs through Machine Learning Models

The emergence of Software-Defined Networking (SDN) has changed the network structure by separating the control plane from the data plane. However, this innovation has also increased susceptibility to DDoS attacks. Existing detection techniques are often ineffective due to data imbalance and accurac...

AI score 6.9
Exploits: 0
Tenable Nessus
added 2025/05/13 12:0 a.m. | 16 views

Amazon Linux 2023 : lemon, sqlite, sqlite-analyzer (ALAS2023-2025-971)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-971 advisory. SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such ...

CVSS 7.3 | AI score 6.5 | EPSS 0.00425
Exploits: 1 | References: 4
OSV
added 2025/05/07 6:15 p.m. | 2 views

CVE-2025-20187

A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to improper validation of requests to APIs. An attacker could...

CVSS 6.5 | AI score 5.9 | EPSS 0.01246
Exploits: 0 | References: 1
ATTACKERKB
added 2025/05/07 6:15 p.m. | 0 views

CVE-2025-20155

A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...

CVSS 6 | AI score 5.9 | EPSS 0.00148
Exploits: 0 | References: 2 | Affected Software: 1
RedHat Linux
added 2025/05/07 12:48 p.m. | 22 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security, bug fix, and enhancement updates

An update is now available for Red Hat Ceph Storage 7.1. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. These new packages...

CVSS 9.8 | AI score 7.1 | EPSS 0.93305
Exploits: 5 | References: 26
RedhatCVE
added 2025/05/03 2:31 p.m. | 14 views

CVE-2025-37770

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero. The user can set any speed value. If speed is greater than UINT_MAX/8, division by zero is possible. Found by Linux Verification Center (linuxtesting.org) with SVACE...

AI score 7 | EPSS 0.00165
Exploits: 0