Arbitrary Code Injection

Overview google-adk is an Agent Development Kit Affected versions of this package are vulnerable to Arbitrary Code Injection via the the builder UI on Python OSS, Cloud Run, and GKEdue to missing authentication in the process. An attacker can execute arbitrary code on the server by uploading YAML...

Whispers of Wealth: Red-Teaming Google's Agent Payments Protocol Via Prompt Injection

Large language model LLM based agents are increasingly used to automate financial transactions, yet their reliance on contextual reasoning exposes payment systems to prompt-driven manipulation. The Agent Payments Protocol AP2 aims to secure agent-led purchases through cryptographically verifiable...

EUVD-2011-2221

Malware in sbrugna...

CVE-2022-1737

Pyramid Solutions' affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition...

SUSE CVE-2007-3765

The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted STUN length attribute in a STUN packet sent on an RTP port...

SUSE CVE-2015-4923

Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors...

Nvidia Squashes High-Severity Jetson DoS Flaw

Nvidia has patched three vulnerabilities affecting its Jetson lineup, which is a series of embedded computing boards designed for machine-learning applications, in things like autonomous robots, drones and more. A successful exploit could potentially cripple any such gadgets leveraging the affect...

Fieldcomm Group HART-IP and hipserver

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fieldcomm Group Equipment: HARP-IP Developer kit, hipserver Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being...

Security Bulletin: IBM InfoSphere Streams update of IBM® SDK Java™ Technology Edition (CVE-2016-0363, CVE-2016-0376)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 Service Refresh 2 Fix Pack 11 and earlier releases, Version 7R1 Service Refresh 3 Fix Pack 31 and earlier releases, and Version 6 Service Refresh 16 Fix Pack 21 and earlier releases provided with IBM...

Oracle Database Server XML Developer Kit Component Unspecified Vulnerability

Oracle Database Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Multiple Unspecified Vulnerabilities-04 (Mar 2018)

Oracle Database Server is prone to multiple unspecified security vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

UCanCode - Multiple Vulnerabilities

UCanCode multiple vulnerabilities Url: http://www.hmi-software.com/ http://www.ucancode.net/index.htm http://www.ucancode.net/bbs/zhuce/login.htm Description: Form vendor's web page "UCanCode Software is a Market Leading provider of HMI & SCADA, CAD, UML, GIS, Vector Graphics and Real Time Data...

Unspecified Vulnerability in Oracle Database XML Developer's Kit for C Component

Oracle Database is a large database of commercial nature. An unspecified security vulnerability exists in the Oracle Database XML Developer's Kit for C component, which could be exploited by remote attackers to conduct denial-of-service attacks...

CVE-2011-2232

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, and 11.2.0.1, and Oracle Fusion Middleware 10.1.3.5, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, and 11.2.0.1, and Oracle Fusion Middleware 10.1.3.5, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, Oracle Fusion Middleware 10.1.3.5, allows remote attackers to affect availability via unknown vectors...

CVE-2011-2231

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, Oracle Fusion Middleware 10.1.3.5, allows remote attackers to affect availability via unknown vectors...

CVE-2011-2231

CVE-2011-2231 affects Oracle Database Server components (versions 10.1.0.5, 10.2.0.3/4/5, 11.1.0.7, 11.2.0.1) and Oracle Fusion Middleware 10.1.3.5. The XML Developer Kit component harbors an unspecified vulnerability that could allow remote attackers to impact availability via unknown vectors. T...

CVE-2011-2232

CVE-2011-2232 affects Oracle Database Server XML Developer Kit. The vulnerable products include Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, 11.2.0.1 and Oracle Fusion Middleware 10.1.3.5. The issue is described as an unspecified vulnerability in the XML Developer Kit component ...

CVE-2011-2232

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, and 11.2.0.1, and Oracle Fusion Middleware 10.1.3.5, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...