36 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 4 views

Astra Linux - vulnerability in mariadb-10.3

It has been discovered that MariaDB Server v10.6.3 and earlier contains a use-after-free in the Item_func_in::cleanup component, which can be exploited through specially crafted SQL statements...

CVSS 7.5 · AI score 7.4 · EPSS 0.00323
Exploits: 1 · References: 2
AstraLinux
added 2026/05/20 5:53 a.m. · 1 view

Astra Linux - vulnerability in mariadb-10.3

It was discovered that MariaDB versions 10.2 to 10.7 contain a segmentation fault due to the component Item_func_in::cleanup/Item::cleanup_processor...

CVSS 7.5 · AI score 7.1 · EPSS 0.00208
Exploits: 1 · References: 2
RedhatCVE
added 2026/04/03 5:0 p.m. · 2 views

CVE-2026-5328

A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b5585d6. The impacted element is the function listItem of the file src/main/java/com/suisung/shopsuite/pt/service/impl/ProductIndexServiceImpl.java of the component ProductItemDao Interface. Executing...

CVSS 6.5 · AI score 6.4 · EPSS 0.0005
Exploits: 0 · References: 1
Tenable Nessus
added 2025/08/20 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-27449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148. CVE-2022-27449 Note that Nessus relies on t...

CVSS 7.5 · AI score 7.6 · EPSS 0.00244
Exploits: 1 · References: 2
Cvelist
added 2025/08/08 6:26 p.m. · 14 views

CVE-2025-4796 Eventin <= 4.0.34 - Authenticated (Contributor+) Privilege Escalation via User Email Change/Account Takeover

The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34. This is due to the plugin not properly validating a user's identity or capability prior to updating their details like email in the...

CVSS 8.8 · EPSS 0.00158
Exploits: 3 · References: 3
RedhatCVE
added 2025/05/23 9:24 a.m. · 2 views

CVE-2024-3097

The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getitem function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data includi...

CVSS 5.3 · AI score 5.3 · EPSS 0.24755
Exploits: 0 · References: 1
OSV
added 2025/04/29 4:15 p.m. · 1 view

CVE-2025-4069

A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The explo...

CVSS 7.8 · AI score 5.7
Exploits: 0 · References: 5
Vulnrichment
added 2025/04/29 3:31 p.m. · 7 views

CVE-2025-4069 code-projects Product Management System add_item stack-based overflow

A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The explo...

CVSS 5.3 · AI score 5.4 · EPSS 0.00251
Exploits: 1 · References: 5
OSV
added 2025/04/03 5:15 p.m. · 1 view

CVE-2025-3166

A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...

CVSS 7.8 · AI score 5.9
Exploits: 0 · References: 5
Cvelist
added 2025/04/03 4:31 p.m. · 12 views

CVE-2025-3166 code-projects Product Management System Search Product Menu search_item stack-based overflow

A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to...

CVSS 5.3 · EPSS 0.00251
Exploits: 1 · References: 5
OSV
added 2024/07/16 9:15 a.m. · 3 views

CVE-2024-1937

The Brizy – Page Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updateitem' function in all versions up to, and including, 2.4.44. This makes it possible for authenticated attackers, with contributor access and above, to...

CVSS 6.5 · AI score 5.9 · EPSS 0.00164
Exploits: 0 · References: 2
Positive Technologies
added 2024/04/09 12:0 a.m. · 2 views

PT-2024-23696 · WordPress · Nextgen Gallery

Name of the Vulnerable Software and Affected Versions: NextGEN Gallery plugin for WordPress versions up to and including 3.59 Description: The issue allows unauthorized access to data due to a missing capability check on the get item function. This enables unauthenticated attackers to extract...

CVSS 5.3 · AI score 9.5 · EPSS 0.24755
Exploits: 0 · References: 6
RedHat Linux
added 2023/11/08 3:38 p.m. · 3 views

mariadb: use-after-poison when complex conversion is involved in blob

A flaw was found in the MariaDB Server, where it contains a use-after-free in the component, Item_func_in::cleanup. This issue is exploited via specially crafted SQL statements, affecting availability...

CVSS 7.5 · AI score 7.3 · EPSS 0.00323
Exploits: 1 · References: 4
Positive Technologies
added 2023/07/15 12:0 a.m. · 3 views

PT-2023-25699 · Sourcecodester · Sourcecodester Lost/Found Information System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical vulnerability has been found in the SourceCodester Lost and Found Information System. This issue affects the component HTTP POST Request Handler, specificall...

CVSS 9.8 · AI score 7.2 · EPSS 0.00047
Exploits: 0 · References: 6
Positive Technologies
added 2023/05/11 12:0 a.m. · 3 views

PT-2023-20699 · Sourcecodester · Sourcecodester Lost/Found Information System

Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue has been discovered, affecting an unknown function of the file /classes/Master.php?f=delete item. This issue leads to sql injection and can be exploite...

CVSS 9.8 · AI score 6.7 · EPSS 0.00297
Exploits: 1 · References: 5
SUSE CVE
added 2023/02/15 3:26 a.m. · 1 view

SUSE CVE-2022-27377

MariaDB Server v10.6.3 and below was discovered to contain a use-after-free in the component Item_func_in::cleanup, which is exploited via specially crafted SQL statements...

CVSS 7.1 · AI score 8.7 · EPSS 0.00323
Exploits: 1 · References: 12
BDU FSTEC
added 2022/11/22 12:0 a.m. · 1 view

The vulnerability of the Item_func_in::cleanup() component of the MariaDB database, which allows a hacker to trigger a service failure.

The vulnerability of the Item_func_in::cleanup component of the MariaDB database lies in the use of memory after it is freed. Exploiting this vulnerability allows an attacker to trigger a service failure through a specially crafted SQL query...

CVSS 7.8 · AI score 7.5 · EPSS 0.00323
Exploits: 1 · References: 11 · Affected Software: 6
BDU FSTEC
added 2022/11/22 12:0 a.m. · 2 views

The vulnerability of the sql/item_func.cc component of the MariaDB database, which allows a hacker to cause service failures.

The vulnerability of the sql/item_func.cc component of the MariaDB database is related to the insufficient use of the assert function. Exploiting this vulnerability allows an attacker to cause service failures...

CVSS 7.8 · AI score 7.4 · EPSS 0.00244
Exploits: 1 · References: 11 · Affected Software: 6
RedHat Linux
added 2022/09/01 2:21 p.m. · 3 views

mariadb: use-after-poison when complex conversion is involved in blob

A flaw was found in the MariaDB Server, where it contains a use-after-free in the component, Item_func_in::cleanup. This issue is exploited via specially crafted SQL statements, affecting availability...

CVSS 7.5 · AI score 7.3 · EPSS 0.00323
Exploits: 1 · References: 4
RedHat Linux
added 2022/08/09 12:23 p.m. · 3 views

mariadb: server crash in Item_func_in::cleanup/Item::cleanup_processor

MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor...

CVSS 7.5 · AI score 7.3 · EPSS 0.00208
Exploits: 1 · References: 4