16 matches found
CVE-2026-11529
A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function readresource of the file src/mysqlmcpserver/server.py of the component mysql URI Handler. This manipulation of the argument uristr causes sql injection. Remote exploitation of the...
SQL Injection
Overview mysql-mcp-server is an A Model Context Protocol MCP server that enables secure interaction with MySQL databases. This server allows AI assistants to list tables, read data, and execute SQL queries through a controlled interface, making database exploration and analysis safer and more...
EUVD-2026-35108
A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function readresource of the file src/mysqlmcpserver/server.py of the component mysql URI Handler. This manipulation of the argument uristr causes sql injection. Remote exploitation of the...
CVE-2026-11529 designcomputer mysql-mcp-server mysql URI server.py read_resource sql injection
A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function readresource of the file src/mysqlmcpserver/server.py of the component mysql URI Handler. This manipulation of the argument uristr causes sql injection. Remote exploitation of the...
MySQL MCP Server 注入漏洞
The MySQL MCP Server is a security connection tool developed by Dana K. Williams. It allows interaction between AI and MySQL databases. Versions of the MySQL MCP Server prior to 0.2.2 have a vulnerability due to improper handling of the parameter uristr in the readresource function of the...
PT-2026-47311
A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function read resource of the file src/mysql mcp server/server.py of the component mysql URI Handler. This manipulation of the argument uri str causes sql injection. Remote exploitation of t...
CVE-2023-47564
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...
SUSE CVE-2010-2519
Heap-based buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file...
SUSE CVE-2010-2808
Buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File aka LWFN font...
SUSE CVE-2014-9673
Integer signedness error in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted Mac font...
SUSE-SU-2019:2452-1 Security update for djvulibre
This update for djvulibre fixes the following issues: Security issues fixed: - CVE-2019-15142: Fixed heap-based buffer over-read bsc1146702. - CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files bsc1146569. - CVE-2019-15144: Fixed denial-of-service caused by crafted PBM imag...
FreeType 'Mac_Read_POST_Resource' Function Denial of Service Vulnerability
FreeType is a library of popular font functions. A security vulnerability exists in the 'MacReadPOSTResource' function in the FreeType 'base/ftobjs.c' file. Due to the program failing to validate the source value when increasing the length value. A remote attacker could cause a denial of service...
UBUNTU-CVE-2014-9673
Integer signedness error in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted Mac font...
FreeType: Stack-based buffer overflow by processing certain LWFN fonts
Buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File aka LWFN font...
DEBIAN-CVE-2010-2499
Buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment...
PT-2010-1117 · Freetype +1 · Freetype +1
Name of the Vulnerable Software and Affected Versions: freetype versions prior to 2.4.8 freetype versions prior to 2.4.2 Description: The issue affects the freetype package in Gentoo Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information...