Lucene search
K

44 matches found

Cvelist
Cvelist
added 2026/06/29 2:0 p.m.34 views

CVE-2026-13573 llvm llvm-project ValueSymbolTable ValueSymbolTable.cpp insert stack-based overflow

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS0.00124EPSS
Exploits0References7
CVE
CVE
added 2026/06/29 2:0 p.m.18 views

CVE-2026-13573

CVE-2026-13573 affects the LLVM project (up to 22.1.6), specifically the ValueSymbolTable module’s file lib/IR/ValueSymbolTable.cpp and its function StringMap::insert. The issue is a stack-based buffer overflow introduced in that function, enabling a local attacker to exploit it. The exploit has ...

4.8CVSS6AI score0.00124EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 2:0 p.m.4 views

CVE-2026-13573 llvm llvm-project ValueSymbolTable ValueSymbolTable.cpp insert stack-based overflow

A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The...

4.8CVSS6AI score0.00124EPSS
Exploits0References9
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-262 NASA AIT-Core vulnerable to SQL Injection

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS5.8AI score0.00603EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.1 views

CVE-2026-33643

SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go...

7.4CVSS6AI score0.00192EPSS
Exploits1References3
CVE
CVE
added 2026/03/30 12:0 a.m.11 views

CVE-2026-33643

CVE-2026-33643 affects SchemaHero 0.23.0 with a SQL Injection flaw in the MySQL plugin path: the column.go processing in plugins/mysql/lib/column.go improperly handles the column parameter, allowing malicious input to alter table schema. Connected sources also describe similar risks in the Postgr...

7.4CVSS6AI score0.00192EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/30 12:0 a.m.25 views

CVE-2026-33643

SQL Injection vulnerability in SchemaHero 0.23.0 via the column parameter to the mysqlColumnAsInsert function in file plugins/mysql/lib/column.go...

0.00192EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1182

Malware in sbrugna...

9.8CVSS9.3AI score0.01916EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.7 views

CVE-2024-35056

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS8.5AI score0.00603EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2024/10/21 11:53 a.m.8 views

CVE-2024-47699

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted...

5.5CVSS6AI score0.00261EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/08/29 3:30 p.m.17 views

FeehiCMS User[avatar] unrestricted upload

A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS6.7AI score0.00756EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2024/08/29 3:30 p.m.41 views

GHSA-XP68-7G33-F49M FeehiCMS User[avatar] unrestricted upload

A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.3CVSS7.9AI score0.00756EPSS
Exploits1References6
OSV
OSV
added 2024/05/21 6:31 p.m.4 views

GHSA-GPGJ-XRGW-8MX2 NASA AIT-Core vulnerable to SQL Injection

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS5.9AI score0.00603EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/05/21 12:0 a.m.6 views

NASA AIT-Core 安全漏洞

NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version v2.5.2 that stems from the inclusion of multiple SQL injection vulnerabilities via the querypackets and insert functions...

9.8CVSS7.8AI score0.00603EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/05/21 12:0 a.m.8 views

PT-2024-26300

Name of the Vulnerable Software and Affected Versions NASA AIT-Core version 2.5.2 Description The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities are present in the query packets and insert functions, allowing for potential SQL injection attacks. There is no informati...

9.8CVSS5.8AI score0.00603EPSS
Exploits1References13
CNNVD
CNNVD
added 2023/06/13 12:0 a.m.4 views

WordPress Plugin WP Directory Kit 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

6.1CVSS5AI score0.00337EPSS
Exploits1References4
OSV
OSV
added 2023/05/30 8:15 p.m.6 views

CVE-2022-47028

An issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of service via arbitary data injection to function insert...

5.5CVSS5.8AI score0.00336EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.7 views

PT-2023-15137 · Unknown · Action Launcher

Name of the Vulnerable Software and Affected Versions: Action Launcher for Android version 50.5 Description: An issue in Action Launcher for Android allows an attacker to cause a denial of service via arbitrary data injection to the insert function. Recommendations: For Action Launcher for Androi...

5.5CVSS7.7AI score0.00336EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.5 views

SUSE CVE-2014-3507

Memory leak in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service memory consumption via zero-length DTLS fragments that trigger improper handling of the return value of a certain...

5CVSS8.3AI score0.51436EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2023/01/15 12:0 a.m.9 views

PT-2023-10224 · Unknown · Tutranta Project Todolist

Name of the Vulnerable Software and Affected Versions: tutranta project todolist affected versions not specified Description: A critical issue was found in the tutrantta project todolist, affecting the getAffectedRows/where/insert/update function in the library/Database.php library. This issue...

9.8CVSS6.5AI score0.00657EPSS
Exploits0References5
Rows per page
Query Builder