101 matches found
ALPINE-CVE-2022-43253
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file...
hfsca.org Cross Site Scripting vulnerability OBB-2975811
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mariadb: crash when using HAVING with NOT EXIST predicate in an equality
A flaw was found in the MariaDB Server. It contains a segmentation fault via the component sql/item_subselect.cc, affecting availability...
Cross-site Scripting (XSS)
github.com/zalando/skipper is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization allowing an attacker to bypass a query predicate via a maliciously crafted request...
GHSA-QX2J-85Q5-FFP8 Query predicate bypass in Zalando Skipper
In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request...
Query predicate bypass in Zalando Skipper
In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request...
CVE-2022-34296
In Zalando Skipper before 0.13.218, a query predicate could be bypassed via a prepared request...
PT-2022-22112 · Zalando · Zalando Skipper
Name of the Vulnerable Software and Affected Versions: Zalando Skipper versions prior to 0.13.218 Description: A query predicate could be bypassed via a prepared request. Recommendations: For versions prior to 0.13.218, update to version 0.13.218 or later to resolve the issue...
PT-2022-17983 · Apache · Apache Shenyu
Name of the Vulnerable Software and Affected Versions: Apache ShenYu incubating versions 2.4.0 through 2.4.2 Description: The issue arises from the use of Pattern.matches in RegexPredicateJudge.java, where both parameters are controllable by the user. This allows an attacker to pass in malicious...
[SECURITY] Fedora 36 Update: geos-3.10.2-4.fc36
GEOS (Geometry Engine - Open Source) is a C++ port of the Java Topology Suite (JTS). As such, it aims to contain the complete functionality of JTS in C++. This includes all the OpenGIS "Simple Features for SQL" spatial predicate functions and spatial operators, as well as specific JTS topology...
Exploit for Code Injection in Vmware Spring_Cloud_Gateway
Vulnerability Profile Spring Cloud Gateway is a brand new pro...
CVE-2022-25358
A ..%2F path traversal vulnerability exists in the path handler of awful-salmonella-tar before 0.0.4. Attackers can only list directories (not read files). This occurs because the safe-path? Scheme predicate is not used for directories...
DEBIAN-CVE-2020-21600
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted file...
GHSA-P9GF-GMFV-398M Double free in slice-deque
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function...
CVE-2021-29938
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function...
Double free
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function...