3 matches found
Authenticated Remote Code Execution via loadReader functionName code injection in DbGate
Summary DbGate is vulnerable to authenticated Remote Code Execution RCE. Any user with valid DbGate credentials can execute arbitrary OS commands as root by exploiting an unsanitized functionName parameter in the /runners/load-reader endpoint. The require = null mitigation is trivially bypassed v...
SUSE CVE-2025-10998
A vulnerability has been found in Open Babel up to 3.1.1. The affected element is the function ChemKinFormat::ReadReactionQualifierLines of the file /src/formats/chemkinformat.cpp. The manipulation leads to null pointer dereference. The attack can only be performed from a local environment. The...
CVE-2022-36145
SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::Reader::getWord...