11 matches found
CVE-2026-34232
The CVE concerns Firebird (open-source RDBMS). Vulnerability: in affected releases prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function fails to handle the isc_arg_cstring type when decoding an op_response packet, allowing an unauthenticated attacker to crash the server by sending a...
GHSA-MPWP-4H2M-765C Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
Active Job - Object injection security vulnerability
Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...
USN-5716-2 sqlite3 vulnerability
USN-5716-1 fixed a vulnerability in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a...
USN-5716-1 sqlite3 vulnerability
It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...
ALPINE-CVE-2022-35737
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...
DEBIAN-CVE-2022-35737
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...
AZL-10467 CVE-2022-35737 affecting package sqlite for versions less than 3.39.2-1
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...
Stack overflow
Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.020150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions...
EMC AlphaStor Device Manager robotd RCE
The AlphaStor Device Manager application running on the remote host is affected by a remote command execution vulnerability in robotd due to improper sanitization of packet string arguments before using them in a call to the 'system' function. An unauthenticated, remote attacker can exploit this,...