2292 matches found
PT-2023-3376 · Unknown · Dynamic Linq
Name of the Vulnerable Software and Affected Versions: Dynamic Linq versions 1.0.7.10 through 1.2.25 Description: The issue is related to the use of an incomplete blacklist in the Dynamic Linq library, allowing attackers to execute arbitrary code when untrusted input is parsed by methods includin...
MAL-2023-339 Malicious code in fc-country-select (npm)
Source: ghsa-malware 24c2e34746019c8babb7529002f310acda6cd4d5f8ae99347e250d6ee9c6fb34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fc-country-select (npm)
Source: ghsa-malware 24c2e34746019c8babb7529002f310acda6cd4d5f8ae99347e250d6ee9c6fb34 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Medium: mariadb
Issue Overview: get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. CVE-2021-46657 MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECT_LEX::nest_level is local to each VIEW. CVE-2021-46659 MariaDB through...
CVE-2023-31614
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
DEBIAN-CVE-2023-31614
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
Design/Logic Flaw
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
UBUNTU-CVE-2023-31614
An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement...
kernel: mm/damon/reclaim: fix potential memory leak in damon_reclaim_init()
In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: fix potential memory leak in damon_reclaim_init(). damon_reclaim_init() allocates a memory chunk for ctx with damon_new_ctx(). When damon_select_ops() fails, ctx is not released, which will lead to a memory leak. We should relea...
xorg-x11-server: XvdiSelectVideoNotify use-after-free
A vulnerability was found in X.Org. This flaw occurs because the handler for the XvdiSelectVideoNotify request may write to memory after it has been freed. This flaw can lead to local privilege elevation on systems where the X server runs privileged and remote code execution for ssh X forwarding...
CVE-2021-40331
An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled. This issue affects Apache Ranger Hive Plugin: from...
CVE-2021-40331 Permissions problem in the Apache Ranger Hive Plugin
An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled. This issue affects Apache Ranger Hive Plugin: from...
Apache Ranger security vulnerability
Apache Ranger is a set of architectures from the U.S.-based Apache Foundation that implements comprehensive security measures for Hadoop clusters. The product provides centralized security policy management for core enterprise security requirements such as authorization, billing and data...
PT-2023-12360 · Apache · Apache Ranger Hive Plugin
Name of the Vulnerable Software and Affected Versions: Apache Ranger Hive Plugin versions 2.0.0 through 2.3.0 Description: An Incorrect Permission Assignment for Critical Resource issue was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownershi...
CVE-2023-30380
An issue in the component /dialog/selectmedia.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal...