11 matches found
EUVD-2026-40079
FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the getgltransactions function where the filtertype parameter is concatenated directly into a SQL IN clause without parameterization. Attackers with SAGLANALYTIC permission can inject arbitrary SQL by supplying a closing...
CVE-2026-40524 FrontAccounting < 2.4.20 SQL Injection via get_gl_transactions()
FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the getgltransactions function where the filtertype parameter is concatenated directly into a SQL IN clause without parameterization. Attackers with SAGLANALYTIC permission can inject arbitrary SQL by supplying a closing...
CVE-2026-54231
CVE-2026-54231 affects ABRT’s post-create event handler scripts in libreport. The event script reads journal entries for the crashed process and writes results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal...
EUVD-2015-8708
Malware in sbrugna...
EUVD-2021-17099
Malware in sbrugna...
jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
...
gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
...
SUSE CVE-2013-4391
Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...
CVE-2013-4391
Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...
Integer overflow
Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...
CVE-2013-4391
Integer overflow in the validuserfield function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow...