CVE-2025-5151

Defog.ai Introspect up to version 0.1.4 contains a code injection vulnerability in introspect/backend/tools/analysis_tools.py: execute_analysis_code_safely, caused by unsafe handling of the code argument. An attacker on the local host could exploit this without user interaction. A patch identifie...

Privilege Escalation

silverstripe/framework is vulnerable to Privilege Escalation. The vulnerability is due to the CMS Fields for members being constructed using DirectGroups instead of Groups relation. The vulnerability allows attacker with EDITPERMISSIONS and access to the "Security" section to escalate their...

PT-2024-40536 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A security issue allows a member with the EDIT PERMISSIONS permission and access to the "Security" section to escalate their privileges to ADMIN level by re-assigning themselves or...

The vulnerability of the MySQL database management system allows a hacker to compromise the accessibility of data.

The vulnerability of the Server sub-component in the Security section of the MySQL database management system is related to code errors. Exploiting this vulnerability can allow a malicious actor to compromise the accessibility of data...