24714 matches found
CVE-2026-9065
SureCart
CVE-2026-9065
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
EUVD-2026-31072
SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters 'modelname', 'modelid', 'integrationid', 'provider' on the REST API endpoint '/surecart/v1/integrations/id'. The root cause is a flawed escaping bypass in the query builder 'wp-query-builder'...
CVE-2026-9059
NextGEN Gallery (WordPress) versions prior to 4.2.1 are vulnerable to an authenticated SQL injection. The issue is in the data mapper layer where _clean_column() uses a blacklist instead of a whitelist, allowing an authenticated attacker with the Administrator role (NextGEN Gallery overview capab...
CVE-2026-9059 NextGEN Gallery - SQL Injection
NextGEN Gallery version prior to 4.2.1 are vulnerable to authenticated SQL injection via the 'orderby' parameter on the REST API endpoints '/imagely/v1/galleries' and '/imagely/v1/albums'. The root cause is an insufficient sanitization function 'cleancolumn' in the data mapper layer that uses a...
Astra Linux - уязвимость в postgresql-11
Incomplete tracking of tables with row security in PostgreSQL allows a reused query to view or modify different rows than intended. CVE-2023-2455 and CVE-2016-2193 addressed most interactions between row security and changes to user IDs. However, they did not cover cases where a subquery, WITH...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fixed a potential NULL pointer dereferencing in ionicqueryport. The function ionicqueryport calls ibdevicegetnetdev without checking the return value, which could lead to NULL pointer dereferencing. This issue has bee...
Astra Linux - уязвимость в unbound
The DNS protocol in RFC 1035 and its updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries to be accumulated over seconds. As a result, responses are sent in a pulsing burst, which can be considered traffic amplification in some cases. This...
Astra Linux - уязвимость в pgpool2
In Pgpool-II, there is a risk of exposing sensitive information due to incompatible policy issues. If a database user accesses the query cache, unauthorized table data may be retrieved for that user...
Astra Linux - уязвимость в 389-ds-base
When using a syncrepl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, resulting in a crash...
Astra Linux - уязвимость в uriparser
A issue was discovered in uriparser through 0.9.7. The ComposeQueryEngine in UriQuery.c has an integer overflow due to long keys or values, resulting in a buffer overflow...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed the OOB write issue in QUERYINFO for compound requests. When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd might write beyond...
Astra Linux - уязвимость в ntp
In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...
Astra Linux - уязвимость в mariadb-10.3
It has been discovered that MariaDB Server v10.6.5 and earlier contain a use-after-free in the Itemargs::walkarg component, which can be exploited through specially crafted SQL statements...
Astra Linux - уязвимость в python-pymysql
PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input, because keys are not escaped by escapedict...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an out-of-bounds write issue in smb2getea when performing EA alignment. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the handling of the SMB2TREECONNECT and SMB2QUERYINFO commands. The issue arises from the lack of proper validation of a pointer before accessing it. An...
Astra Linux - уязвимость в linux-5.10, linux
In rndisqueryoid in drivers/net/wireless/rndiswlan.c within the Linux kernel, from version 6.1.5 onwards, there is an integer overflow in a mathematical operation...
Astra Linux - уязвимость в sqlite3
In SQLite before version 3.32.3, select.c improperly handled the query-flattener optimization, resulting in a multiSelectOrderBy heap overflow due to the misuse of transitive properties for constant propagation...
Astra Linux - уязвимость в node-qs
The qs format used before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process to hang for an Express application. This is because the proto key can be exploited. In many typical Express use cases, an unauthenticated remote attacker can insert the...