Lucene search
K

255 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-40980

In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/16 11:47 a.m.4 views

BIT-MARIADB-MIN-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

8.1CVSS5.2AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 11:47 a.m.3 views

BIT-MARIADB-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

8.1CVSS5.2AI score0.00276EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 6:16 p.m.5 views

ALPINE-CVE-2026-44173

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

5.3CVSS5.2AI score0.00276EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 6:16 p.m.9 views

CVE-2026-44173

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

8.1CVSS0.00276EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2026/06/12 5:34 p.m.10 views

CVE-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

5CVSS5.3AI score0.00276EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 5:34 p.m.45 views

CVE-2026-44173

CVE-2026-44173 affects the MariaDB server (community fork of MySQL). From the provided data, the vulnerability allows the FILE privilege to be bypassed for SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE when the FROM clause contains only subqueries. This behavior exists in MariaDB versions ...

8.1CVSS5.2AI score0.00276EPSS
Exploits0References12Affected Software1
EUVD
EUVD
added 2026/06/12 5:34 p.m.8 views

EUVD-2026-36518

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

5CVSS5.2AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/12 5:34 p.m.40 views

CVE-2026-44173 MariaDB: FILE privilege was not checked for subqueries in the FROM clause

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

5CVSS0.00276EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/12 5:34 p.m.9 views

CVE-2026-44173

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB allowed SELECT ... INTO OUTFILE and SELECT ... INTO DUMPFILE without verifying the FILE privileg...

8.1CVSS5.2AI score0.00276EPSS
Exploits0References12
OSV
OSV
added 2026/06/11 7:16 a.m.9 views

MAL-2026-5588 Malicious code in 0x2ai-demo10x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c4c4b3e66489f3a4383df5e62540498343c5ab3a5ce145df5733b2820efc71b On npm install, scripts/postinstall.cjs runs fs.cpSyncpayload, process.env.INITCWD, recursive: true , copying.mcp.json,...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-45159

Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with access to an end-to-end encrypted files drop link was able to also drop files into other end-to-e...

3.5CVSS5.3AI score0.00203EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 12:0 p.m.9 views

RUSTSEC-2026-0152 Use-after-free

Affected versions of oneringbuf exposed the obsolete IntoRef::intoref method through the public IntoRef trait. For heap-backed ring buffers, this method returned a DroppableRef handle. DroppableRef stored an owning raw pointer created from Box::intoraw. Its Clone implementation copied this raw...

5.9AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.10 views

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2026-1676)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1676 advisory. Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero. CVE-2026-6654 Tenable has extract...

7.3CVSS5.8AI score0.00168EPSS
Exploits1References4
Amazon
Amazon
added 2026/05/14 12:0 a.m.13 views

Important: rust

Issue Overview: Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero. CVE-2026-6654 Affected Packages: rust Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository...

5.1CVSS5.8AI score0.00168EPSS
Exploits1
RustSec
RustSec
added 2026/05/02 12:0 p.m.10 views

Out-of-bounds read in `bytes_helper` public safe functions

The byteshelper module contains multiple public functions intoarr4, intoarr2, u8fromlebytes that use slice.getuncheckedpos..pos + N without verifying that pos + N = slice.len. These are public safe API functions, allowing any caller to trigger undefined behavior by passing invalid positions. For...

5.8AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013365 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata-readintopages When the network status is unstable, use-after-fr...

7.8CVSS6.1AI score0.00255EPSS
Exploits0References3
NVD
NVD
added 2026/04/20 11:16 a.m.5 views

CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

7.3CVSS0.00168EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/04/20 11:16 a.m.5 views

CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

5.1CVSS5.8AI score0.00168EPSS
Exploits1References2
OSV
OSV
added 2026/04/20 11:16 a.m.4 views

UBUNTU-CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

7.3CVSS5.8AI score0.00168EPSS
Exploits1References3
Rows per page
Query Builder