16 matches found
CVE-2026-41042
The CVE-2026-41042 issue affects Apache Gravitino prior to 1.2.1. Unauthenticated callers can supply a crafted H2 JDBC URL through testConnection, leading to arbitrary Java code execution on the server via H2 INIT. Exploitation is network-based with no user interaction, focused when H2 is used (c...
EUVD-2026-42221
Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino. This issue affects Apache Gravitino: before 1.2.1. Users are recommended to upgrade to version...
CVE-2026-53751 DataEase: H2 JDBC URL Filter Bypass Leads to Remote Code Execution (RCE)
DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous...
CVE-2026-53751 DataEase: H2 JDBC URL Filter Bypass Leads to Remote Code Execution (RCE)
DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous...
CVE-2025-29338
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...
PT-2026-40630
Name of the Vulnerable Software and Affected Versions NXP moal.ko versions prior to 5.1.7.10 Description A stack buffer overflow exists in the wireless kernel module. The issue occurs within the woal init module param function via the mod para parameter. Recommendations Update to version 5.1.7.10...
CVE-2025-56819
An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter...
CVE-2025-56819
An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter...
CVE-2025-56819
An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter...
CVE-2025-56819
Datart v1.0.0-rc.3 contains a remote code execution vulnerability (CVE-2025-56819) due to improper handling of the INIT connection parameter. The issue allows an unauthenticated, network-originated attacker to execute arbitrary code with high impact (CVE details indicate C:H/I:H/A:H under CVSS 3....
PT-2025-39288
Name of the Vulnerable Software and Affected Versions Datart version 1.0.0-rc.3 Description An issue allows a remote attacker to execute arbitrary code via the INIT connection parameter. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
CVE-2025-38266 pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Commit 3ef9f710efcb "pinctrl: mediatek: Add EINT support for multiple addresses" introduced an access to the 'soc' field of struct mtkpinctrl in...
kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature
In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corruptbiobyte feature Fix memory corruption due to incorrect parameter being passed to bioinit...
kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature
In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corruptbiobyte feature Fix memory corruption due to incorrect parameter being passed to bioinit...
UBUNTU-CVE-2025-21966
In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corruptbiobyte feature Fix memory corruption due to incorrect parameter being passed to bioinit...
CVE-2025-21966 dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature
In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corruptbiobyte feature Fix memory corruption due to incorrect parameter being passed to bioinit...