Lucene search
+L

272 matches found

debiancve
debiancve
added 2026/03/20 6:31 p.m.15 views

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

9.9CVSS5.8AI score0.00856EPSS
Exploits1
cvelist
cvelist
added 2026/03/20 6:31 p.m.30 views

CVE-2026-32710 Heap-based Buffer Overflow in MariaDB

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

8.5CVSS0.00856EPSS
Exploits1References2
mariadbunix
mariadbunix
added 2026/03/20 6:31 p.m.30 views

CVE-2026-32710

Disclaimer: This data contains information about vulnerable...

9.9CVSS6.2AI score0.00856EPSS
Exploits1
alpinelinux
alpinelinux
added 2026/03/20 6:31 p.m.8 views

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

9.9CVSS6.1AI score0.00856EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/03/20 6:31 p.m.13 views

CVE-2026-32710

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

8.5CVSS6.1AI score0.00856EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2026/03/20 6:31 p.m.4 views

CVE-2026-32710 Heap-based Buffer Overflow in MariaDB

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

8.5CVSS6.1AI score0.00856EPSS
Exploits1References2
osv
osv
added 2026/03/20 6:31 p.m.4 views

CVE-2026-32710 Heap-based Buffer Overflow in MariaDB

MariaDB server is a community developed fork of MySQL server. An authenticated user can crash MariaDB versions 11.4 before 11.4.10 and 11.8 before 11.8.6 via a bug in JSONSCHEMAVALID function. Under certain conditions it might be possible to turn the crash into a remote code execution. These...

8.5CVSS6.2AI score0.00856EPSS
Exploits1References4
cnnvd
cnnvd
added 2026/03/20 12:0 a.m.9 views

MariaDB 安全漏洞

MariaDB is an open-source relational database management system developed by MariaDB Corporation. Vulnerabilities exist in versions prior to 11.4.10, 11.8.6, and 12.2.2, stemming from defects in the JSONSCHEMAVALID function. These vulnerabilities could lead to crashes or remote code execution...

9.9CVSS6.2AI score0.00856EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/03/20 12:0 a.m.8 views

PT-2026-26661

Name of the Vulnerable Software and Affected Versions MariaDB versions 11.4 prior to 11.4.10 MariaDB versions 11.8 prior to 11.8.6 Description An authenticated user can cause a server crash due to a buffer overflow in dynamic memory heap out-of-bounds write within the JSON SCHEMA VALID function...

9.9CVSS6.6AI score0.00856EPSS
Exploits1References36
osv
osv
added 2026/03/05 2:28 p.m.3 views

SUSE-SU-2026:20685-1 Security update for helm

This update for helm fixes the following issues: - Update to version 3.19.1: CVE-2025-47911: golang.org/x/net/html: Fixed various algorithms with quadratic complexity when parsing HTML documents bsc1251442 CVE-2025-58190: golang.org/x/net/html: Fixed xcessive memory consumption by...

5.3CVSS5.8AI score0.00502EPSS
Exploits1References5
osv
osv
added 2026/03/05 2:27 p.m.3 views

OPENSUSE-SU-2026:20327-1 Security update for helm

This update for helm fixes the following issues: - Update to version 3.19.1: CVE-2025-47911: golang.org/x/net/html: Fixed various algorithms with quadratic complexity when parsing HTML documents bsc1251442 CVE-2025-58190: golang.org/x/net/html: Fixed xcessive memory consumption by...

5.3CVSS7.2AI score0.00502EPSS
Exploits1References4
nessus
nessus
added 2026/02/12 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-69873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keywor...

7.5CVSS6.4AI score0.00492EPSS
Exploits1References3
osv
osv
added 2026/02/11 9:30 p.m.7 views

GHSA-2G4F-4PWH-QVX6 ajv has ReDoS when using `$data` option

ajv Another JSON Schema Validator through version 8.17.1 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor...

6.9CVSS5.8AI score0.00492EPSS
Exploits1References11
github
github
added 2026/02/11 9:30 p.m.12 views

ajv has ReDoS when using `$data` option

ajv Another JSON Schema Validator through version 8.17.1 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor...

7.5CVSS5.9AI score0.00492EPSS
Exploits1References10Affected Software1
osv
osv
added 2026/02/11 7:15 p.m.4 views

DEBIAN-CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

2.9CVSS6.4AI score0.00492EPSS
Exploits1References1
nvd
nvd
added 2026/02/11 7:15 p.m.8 views

CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

7.5CVSS0.00492EPSS
Exploits1References34
osv
osv
added 2026/02/11 7:15 p.m.10 views

UBUNTU-CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

7.5CVSS6.5AI score0.00492EPSS
Exploits1References3
cvelist
cvelist
added 2026/02/11 12:0 a.m.32 views

CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

2.9CVSS0.00492EPSS
Exploits1References6
cnnvd
cnnvd
added 2026/02/11 12:0 a.m.8 views

Ajv JSON schema validator 安全漏洞

Ajv JSON schema validator is an open-source JSON format verifier developed by Ajv. Versions of Ajv JSON schema validator prior to 8.17.1 contained a security vulnerability. This vulnerability arises from the possibility of a denial-of-service attack due to the use of the $data option, which may...

7.5CVSS6.4AI score0.00492EPSS
Exploits1References6
snyk
snyk
added 2026/02/11 12:0 a.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:ajv is an Another JSON Schema Validator Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to improper validation of the pattern keyword when combined with $data references. An attacker can cause the application to become...

8.2CVSS5.7AI score0.00492EPSS
Exploits1References2
Rows per page
Query Builder