59 matches found
EUVD-2022-37871
Malicious code in bioql PyPI...
EUVD-2022-7269
Malicious code in bioql PyPI...
EUVD-2024-35387
Malicious code in bioql PyPI...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2022-34969
PingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference...
CVE-2024-33809
PingCAP TiDB v7.5.1 was discovered to contain a buffer overflow vulnerability, which could lead to database crashes and denial of service attacks...
CVE-2024-35618
PingCAP TiDB v7.5.1 was discovered to contain a NULL pointer dereference via the component SortedRowContainer...
SUSE CVE-2024-37820
A nil pointer dereference in PingCAP TiDB v8.2.0-alpha-216-gfe5858b allows attackers to crash the application via expression.inferCollation...
GO-2024-3284 PingCAP TiDB nil pointer dereference in github.com/pingcap/tidb
PingCAP TiDB nil pointer dereference in github.com/pingcap/tidb. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
CVE-2024-41434
PingCAP TiDB v8.1.0 is affected by a buffer overflow in the (*Column).GetDecimal path that can enable a Denial of Service via crafted input to RemoveUnnecessaryFirstRow. The issue arises because the code checks the expression between Agg and GroupBy but does not verify the return type. PingCAP di...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41433
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component expression.ExplainExpressionList. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input. NOTE: PingCAP maintains that the actual reproduction of this issue did not cause the securi...
CVE-2024-41433
CVE-2024-41433 affects PingCAP TiDB 8.1.0, with a buffer overflow in the component expression.ExplainExpressionList. The vulnerability could allow an attacker to induce a Denial of Service via crafted input. PingCAP notes that the reproduced issue did not cause service interruption for other user...
CVE-2024-41434
PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...
PingCAP TiDB 安全漏洞
PingCAP TiDB is an open source, cloud-native, distributed, MySQL-compatible database for elastic scaling and real-time analytics from China-based PingCAP. A security vulnerability exists in PingCAP TiDB version v8.1.0, which stems from a buffer overflow issue contained in the...