10 matches found
EUVD-2026-37991
Versions of the package ts-deepmerge before 8.0.0 are vulnerable to Uncaught Exception due to the improper handling of built-in Object.prototype methods such as toString, valueOf. When user-controlled input contains these keys with non-function values, the resulting merged object becomes broken —...
Flawfinder 2.0.20
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function...
CVE-2025-67031
ORSEE Online Recruitment System for Economic Experiments 3.1.0 contains an authenticated Remote Code Execution vulnerability in the participant profile field processing subsystem. Certain field configurations accept values beginning with the prefix "func:" which are passed directly into an eval...
Astra Linux – Vulnerability in Mariadb 10.3
SaveWindowFunctionValues in MariaDB before 10.6.3 can cause an application to crash due to incorrect handling of withWindowFunc=true for a subquery...
EUVD-2021-33334
Malicious code in bioql PyPI...
mariadb: save_window_function_values triggers an abort during IN subquery
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery...
mariadb: save_window_function_values triggers an abort during IN subquery
save_window_function_values in MariaDB before 10.6.3 allows an application crash because of incorrect handling of with_window_func=true for a subquery...
MariaDB 10.3.0 < 10.3.30 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.3.30. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.3.30 advisory. - MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause...
MariaDB 10.4.0 < 10.4.20 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.4.20. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.4.20 advisory. - MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause...
CVE-2020-1084
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values. An attacker who successfully exploited this vulnerability could deny dependent security feature functionality. To exploit this vulnerability, an attacker would...