Lucene search
K

11 matches found

EUVD
EUVD
added 2026/06/30 1:56 p.m.6 views

EUVD-2026-40326

openGauss 在处理带 NLS 参数的 totimestamp 调用时,totimestampwithfmtnls 会将 nlsfmtstr 保存到 usess-parsercxt.nlsfmtstr。在 seqscan + sort 执行路径下,该字符串原本被分配在 SeqScan 的表达式上下文中;当 SeqScan 完成后,该内存上下文会被 reset,但后续结果输出阶段 timestampout 仍会通过 CheckNlsFormat 访问 usess-parsercxt.nlsfmtstr,导致访问已释放内存。攻击者在具备数据库 SQL 执行权限的情况下,可构造特定...

5.9CVSS5.8AI score0.00351EPSS
Exploits0References1
Snyk
Snyk
added 2026/04/22 10:22 p.m.8 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the ToolConfigModel tool and config name handling in the Ruby and Python models. An attacker can write or delete arbitrary files within the shared /plugins directory by supplying tool or config names containi...

5.3CVSS5.9AI score0.00313EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/14 9:25 p.m.4 views

EUVD-2026-22716

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the notebook module contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated student to read the private course notes of any other user on the platform by manipulating t...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.5 views

CVE-2026-33737

Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, multiple files use simplexmlloadstring without XXE protection. With LIBXMLNOENT flag, arbitrary server files can be read. This vulnerability is fixed in 1.11.38 and 2.0.0-RC.3...

6.5CVSS5.9AI score0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/17 12:0 a.m.5 views

CVE-2025-70828

An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...

6.1AI score0.00478EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/13 6:10 p.m.25 views

CVE-2026-21878 BACnet Stack Improperly Limits Pathnames to a Restricted Directory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS0.00356EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.7 views

BACnet Stack 路径遍历漏洞

BACnet Stack is an open-source protocol stack for BACnet, suitable for embedded systems, Linux, MacOS, BSD, and Windows. Versions of BACnet Stack prior to 1.5.0.rc3 contained a path traversal vulnerability. This vulnerability stemmed from the lack of validation for the file writing function,...

7.5CVSS5.9AI score0.00356EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 a.m.10 views

CVE-2026-24801

Vulnerability in Ralim IronOS source/Core/BSP/Pinecilv2/blmcusdk/components/ble/blestack/common/tinycrypt/source modules. This vulnerability is associated with program files eccdsa.C. This issue affects IronOS: before v2.23-rc3...

6.9CVSS5.9AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/02/20 12:0 a.m.7 views

notation-go 安全漏洞

notation-go is a collection of libraries that support signing and verifying OCI artifacts for notaryproject individual developers. A security vulnerability exists in notation-go versions prior to 1.0.0-rc.3, which is caused by an application taking up too much memory when verifying signatures,...

7.5CVSS7.2AI score0.0044EPSS
Exploits0References3
OSV
OSV
added 2021/08/05 8:15 p.m.9 views

UBUNTU-CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

5.5CVSS6.8AI score0.00734EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2019/08/06 2:22 p.m.6 views

exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

6.5CVSS5.8AI score0.02289EPSS
Exploits1References4
Rows per page
Query Builder