EUVD-2019-0721

Malware in sbrugna...

EUVD-2022-6798

Malicious code in bioql PyPI...

datashadric (=0.2.2), superset-hetuengine-connector (=0.1.11) +1 more potentially affected by CVE-2025-55674 via apache-superset (=6.0.0)

apache-superset PYPI version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-superset and may be impacted: - datashadric =0.2.2 - superset-hetuengine-connector =0.1.11 - superset-sqlalchemy-gizmosql-adbc-dialect =0.0.10 Source cves:...

DEBIAN-CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

UBUNTU-CVE-2022-49938

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

CVE-2019-20436

An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. If there is a claim dialect configured with an XSS payload in the dialect URI, and a user picks up this dialect's URI and adds it as the service provider claim dialect while configurin...

CVE-2019-10749

sequelize before version 3.35.1 allows attackers to perform a SQL Injection due to the JSON path keys not being properly sanitized in the Postgres dialect...

CVE-2019-10757

knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB...

CVE-2025-47736

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

Astra Linux - уязвимость в llvm-toolchain-15

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect...

@dialectlabs/react (>=0.4.8 <=0.5.1) potentially affected by CVE-2024-30253 via @solana/web3.js (=1.38.0)

@solana/web3.js NPM version =1.38.0 is affected by a known vulnerability. The following packages have a transitive dependency on @solana/web3.js and may be impacted: - @dialectlabs/react =0.4.8, =0.5.1 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...

BIT-TENSORFLOW-2022-23594 Out of bounds read in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow MLIR makes several assumptions about the incoming GraphDef before converting it to the MLIR-based dialect. If an attacker changes the SavedModel format on disk to invalidate these assumptions and the GraphDef i...

kernel: cifs: fix small mempool leak in SMB2_negotiate()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate In some cases of failure dialect mismatches in SMB2negotiate, after the request is sent, the checks would return -EIO when they should be rather setting rc = -EIO and jumping to negex...

SUSE CVE-2023-29934

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect...

CVE-2023-29934

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect...

Design/Logic Flaw

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect...

UBUNTU-CVE-2023-29934

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect...

CVE-2023-29934

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect...

PT-2023-22487 · Unknown +4 · Llvm-Project +4

Name of the Vulnerable Software and Affected Versions: llvm-project affected versions not specified Description: The issue is related to a segmentation fault in the llvm-project, specifically via the component mlir::Type::getDialect. There is no information provided about the estimated number of...

GHSA-FJ2M-W3WV-X9PR Apache Calcite before 1.32.0 vulnerable to potential XML External Entity (XXE) attack

In Apache Calcite prior to version 1.32.0 the SQL operators EXISTSNODE, EXTRACTXML, XMLTRANSFORM and EXTRACTVALUE do not restrict XML External Entity references in their configuration, which makes them vulnerable to a potential XML External Entity XXE attack. Therefore any client exposing these...