111 matches found
MongoDB C Driver Security Vulnerability
The MongoDB C Driver is an open-source client driver library for connecting to and operating MongoDB databases in C-language programs. There is a security vulnerability in the MongoDB C Driver, which stems from the lack of proper validation of file metadata by the traditional GridFS API. This...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Validate the persistent meta data subbuf array The meta data for a mapped ring buffer contains an array of indexes of all the subbuffers. The first entry is the reader page, and the rest of the entries lay out the...
CVE-2026-6967
Affected software: awslabs/tough (before tough-v0.22.0) with delegated metadata validation. Root cause: missing expiration, hash, and length enforcement in delegated metadata validation causing load_delegations to bypass TUF integrity checks for delegated targets metadata. Impact: remote authenti...
CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
Droplet Agent Security Vulnerability
Droplet Agent is an open-source tool developed by DigitalOcean for managing and monitoring DigitalOcean Droplets. Versions of Droplet Agent prior to 1.3.2 contain security vulnerabilities. These vulnerabilities stem from the fault diagnosis executor component failing to properly validate inputs...
CVE-2026-25055
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata, the vulnerability can lead to files being written to unintended locations on those...
DEBIAN-CVE-2025-14911
User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding container...
Buffer Overflow
Overview: Affected versions of this package are vulnerable to Buffer Overflow via the chunkSize metadata field in GridFS, which lacks proper validation. An attacker can cause the bounding container to overflow by supplying malformed metadata, resulting in a denial of service. Remediation: Upgrade...
EUVD-2025-206387
User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding container...
CVE-2025-14911 Integer Overflow in GridFS chunkSize Leading to Heap Allocation Failure
User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding container...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990038)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990038 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUG_ON while continue reshape after reassembling Currently, mdadm support...
Arbitrary File Upload
com.vaadin:vaadin-server is vulnerable to an Arbitrary File Upload. The vulnerability is due to insufficient validation of metadata in the start listener of incoming uploads, which allows an attacker to bypass upload validation and potentially upload unauthorized or malicious files...
EUVD-2014-4345
Malware in sbrugna...
EUVD-2021-1579
Malware in sbrugna...
EUVD-2017-1411
Malware in sbrugna...
EUVD-2014-4315
Malware in sbrugna...
EUVD-2023-25822
Malicious code in bioql PyPI...
EUVD-2025-26701
Malicious code in bioql PyPI...
EUVD-2024-31961
Malicious code in bioql PyPI...