CVE-2024-45851

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for list item creation. If such a...

CVE-2024-45851

CVE-2024-45851 : MindsDB platforms versions 23.10.5.0–24.7.4.1 are vulnerable when the Microsoft SharePoint integration is installed. For databases created with the SharePoint engine, an INSERT query can carry Python code which is passed to an eval function and executed on the server, enabling ar...

CVE-2024-45851

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for list item creation. If such a...

CVE-2024-45850

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for site column creation. If such a...

CVE-2024-45850

The CVE-2024-45850 entry describes an arbitrary code execution vulnerability in MindsDB versions 23.10.5.0 through 24.7.4.1 when the Microsoft SharePoint integration is installed. The issue arises in databases created with the SharePoint engine: an ‘INSERT’ query used for site column creation can...

CVE-2024-45850

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for site column creation. If such a...

CVE-2024-45849

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for list creation. If such a query i...

CVE-2024-45849

The MindsDB CVE-2024-45849 vulnerability is confirmed to be an arbitrary code execution via the Microsoft SharePoint integration. A specially crafted INSERT query on databases created with the SharePoint engine can inject Python code that is passed to eval() and executed on the server. Affected v...

CVE-2024-45849

An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for list creation. If such a query i...

CVE-2024-45848

An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT’ query containing Python code is run against a database created with the ChromaDB engine, the cod...

MindsDB 安全漏洞

MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A security vulnerability exists in MindsDB versions 23.10.5.0 through 24.7.4.1, which stems from the presence of an arbitrary code execution vulnerability, where if a specially crafted INSERT query containing Python code...

MindsDB 安全漏洞

MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A security vulnerability exists in MindsDB versions 23.12.4.0 through 24.7.4.1, which stems from the presence of an arbitrary code execution vulnerability that is passed to the eval function and executed on the server if...

MindsDB 安全漏洞

MindsDB is an emerging low-code machine learning platform from MindsDB, Inc. A security vulnerability exists in MindsDB versions 23.10.5.0 through 24.7.4.1, which stems from the presence of an arbitrary code execution vulnerability, whereby if a specially crafted INSERT query containing Python co...

PT-2024-6369 · Mindsdb +1 · Mindsdb +1

Name of the Vulnerable Software and Affected Versions: MindsDB versions 23.12.4.0 through 24.7.4.1 Description: An arbitrary code execution issue exists when the ChromaDB integration is installed on the server. If a specially crafted INSERT query containing Python code is run against a database...

PT-2024-6370 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: MindsDB versions 23.10.5.0 through 24.7.4.1 Description: An arbitrary code execution issue exists when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, a specially crafted...

PT-2024-6367 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: MindsDB versions 23.10.5.0 through 24.7.4.1 Description: An arbitrary code execution issue exists when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, a specially crafted...

CVE-2024-41435

YugabyteDB v2.21.1.0 was discovered to contain a buffer overflow via the "insert into" parameter...

CVE-2024-41435

CVE-2024-41435 affects YugabyteDB v2.21.1.0, with a buffer overflow in the insert into parameter. Multiple sources confirm the issue and classify the impact as high (CVSSv3.1: 7.5, Network attack vector, no privileges or user interaction required; availability impact is High). Red Hat and PT-Se...

YugabyteDB 安全漏洞

YugabyteDB is a high-performance transactional distributed SQL database for cloud-native applications from Yugabyte USA. A security vulnerability exists in YugabyteDB version v2.21.1.0, which stems from a buffer overflow issue in the insert into parameter...

CVE-2024-41435

YugabyteDB v2.21.1.0 was discovered to contain a buffer overflow via the "insert into" parameter...