Lucene search
K

11 matches found

OSV
OSV
added 2025/07/15 8:15 p.m.4 views

CVE-2025-50066

Vulnerability in the Oracle Database Materialized View component of Oracle Database Server. Supported versions that are affected are 19.3-19.27, 21.3-21.18 and 23.4-23.8. Easily exploitable vulnerability allows high privileged attacker having Execute on DBMSREDEFINITION privilege with network...

2.7CVSS5.8AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2022/06/17 12:12 a.m.2 views

GHSA-8MV5-7X95-7WCF `mopa` is technically unsound

The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...

9.8CVSS6.4AI score0.01646EPSS
Exploits0References3
Debian
Debian
added 2021/08/11 8:41 p.m.46 views

[SECURITY] [DSA 4946-2] openjdk-11-jre-dcevm update

------------------------------------------------------------------------- Debian Security Advisory DSA-4946-2 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 11, 2021 https://www.debian.org/security/faq -...

6.9AI score
Exploits0
OSV
OSV
added 2021/06/01 12:0 p.m.36 views

RUSTSEC-2021-0095 `mopa` is technically unsound

The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...

9.8CVSS9.7AI score0.01646EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.

...

6.4CVSS7AI score0.00977EPSS
Exploits0
Cvelist
Cvelist
added 2020/01/22 12:49 p.m.32 views

CVE-2018-16267

The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before...

8.1AI score0.0068EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/09/03 12:0 a.m.58 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox, mozilla-nss (SUSE-SU-2015:1476-1)

Mozilla Firefox was updated to version 38.2.1 ESR to fix several critical and non critical security vulnerabilities. - Firefox was updated to 38.2.1 ESR bsc943608 - MFSA 2015-94/CVE-2015-4497 bsc943557 Use-after-free when resizing canvas element during restyling - MFSA 2015-95/CVE-2015-4498...

10CVSS7.4AI score0.70226EPSS
Exploits8References37
GoogleProjectZero
GoogleProjectZero
added 2015/08/17 12:0 a.m.78 views

Attacking ECMAScript Engines with Redefinition

Posted by Natalie Silvanovich = function return n; ECMAScript has a property where almost all functions and variables can be dynamically redefined. This can lead to vulnerabilities in situations where native code assumes a function or variable behaves a certain way when accessed or does not have...

10CVSS10AI score0.99344EPSS
Exploits16
RedHat Linux
RedHat Linux
added 2010/11/23 3:59 p.m.8 views

PL/Tcl): SECURITY DEFINER function keyword bypass

The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allow...

6CVSS7.7AI score0.03331EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2007/11/01 12:0 a.m.26 views

syner-lfi.txt

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg Original here: http://www.inj3ct-it.org/exploit/syner.txt...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2002/11/21 5:0 a.m.20 views

CVE-2002-1204

Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the userpref function and accessing the prefs.js file, which is stored in a...

6.1AI score0.01318EPSS
Exploits0References4
Rows per page
Query Builder