CVE-2021-46668

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures...

CVE-2021-46668

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures...

CVE-2021-46668

Disclaimer: This data contains information about vulnerable...

MariaDB 代码问题漏洞

MariaDB is a free and open source database management system from the MariaDB Mariadb Foundation and a version of the MySQL branch that uses the Maria storage engine.A code issue vulnerability exists in MariaDB, which stems from the fact that the product allows certain SELECT statements to cause...

MariaDB 资源管理错误漏洞

MariaDB is a free and open source database management system from the MariaDB Mariadb Foundation and a forked version of MySQL with the Maria storage engine. A resource management error vulnerability exists in MariaDB that stems from the product's long SELECT DISTINCT statement not restricting th...

ALPINE-CVE-2021-46659

MariaDB before 10.7.2 allows an application crash because it does not recognize that SELECTLEX::nestlevel is local to each VIEW...

QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in modesensepage if the 'page' argument was set to MODEPAGEALLS 0x3f. A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service conditio...

southernselectautosales.com Cross Site Scripting vulnerability OBB-2318535

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

GSD-2021-1002661 scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()

scsi: scsidebug: Sanity check block descriptor length in respmodeselect This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.222 by commit...

QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in modesensepage if the 'page' argument was set to MODEPAGEALLS 0x3f. A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service conditio...

QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in modesensepage if the 'page' argument was set to MODEPAGEALLS 0x3f. A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service conditio...

Denial Of Service (DoS)

SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash...

Mozilla Firefox Security Advisory (MFSA2013-94) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS

SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash...

sqlite security update

An update is available for sqlite. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SQLite is a C library that implements an SQL database engine. A large subset o...

RLSA-2021:4396 Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Moderate: sqlite security update

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

Mozilla Firefox Security Advisory (MFSA2016-52) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVE-2021-3930

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in modesensepage if the 'page' argument was set to MODEPAGEALLS 0x3f. A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service conditio...

Policies not properly enforced in bluemonday

The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8 for Python in pybluemonday, does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements...