Lucene search

41 matches found

NVD
added 2026/03/31 10:16 p.m., 2 views

CVE-2026-34400

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

CVSS: 9.8, EPSS: 0.00018
Exploits: 0, References: 6

Vulnrichment
added 2026/03/31 9:0 p.m., 0 views

CVE-2026-34400 alerta-server has potential SQL Injection vulnerability in Query String Syntax (q=) API

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version...

CVSS: 6.9, AI score: 5.8, EPSS: 0.00018
Exploits: 0, References: 6

Positive Technologies
added 2026/03/31 12:0 a.m., 2 views

PT-2026-29356

Name of the Vulnerable Software and Affected Versions: Alerta versions prior to 9.1.0. Description: Alerta, a monitoring tool, had a SQL injection issue in the Query string search API. The vulnerability stemmed from directly interpolating user-supplied search terms into SQL strings via f-strings whe...

CVSS: 6.9, AI score: 5.9, EPSS: 0.00018
Exploits: 0, References: 10

CNNVD
added 2026/03/31 12:0 a.m., 4 views

Alerta SQL injection vulnerability

Alerta is a Python-based monitoring system developed by individual developers. Versions prior to Alerta 9.1.0 contained a SQL injection vulnerability. This vulnerability stems from the Query String Search API directly inserting user-provided search terms into the SQL string, which could lead to S...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00018
Exploits: 0, References: 7

OSV
added 2026/01/29 8:16 p.m., 2 views

CVE-2025-63651

A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server...

CVSS: 7.5, AI score: 5.5
Exploits: 0, References: 2

OSV
added 2026/01/29 8:16 p.m., 2 views

AZL-76457 CVE-2025-63651 affecting package fluent-bit 3.0.6-6

A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server...

CVSS: 7.5, AI score: 5.8, EPSS: 0.01223
Exploits: 1, References: 1

Vulnrichment
added 2026/01/29 12:0 a.m., 2 views

CVE-2025-63651

A use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of monkey commit f37e984 allows attackers to cause a Denial of Service (DoS) via sending a crafted HTTP request to the server...

AI score: 5.4, EPSS: 0.01223
Exploits: 1, References: 2

Positive Technologies
added 2026/01/29 12:0 a.m., 4 views

PT-2026-5338

Name of the Vulnerable Software and Affected Versions: Monkey versions prior to commit f37e984. Description: A use-after-free issue exists in the mk_string_char_search function located in mk_core/mk_string.c. This allows attackers to cause a Denial of Service (DoS) by sending a crafted HTTP request to...

CVSS: 7.5, AI score: 5.4, EPSS: 0.01223
Exploits: 1, References: 6

CVE
added 2026/01/29 12:0 a.m., 5 views

CVE-2025-63651

CVE-2025-63651 is a use-after-free in the mk_string_char_search function (mk_core/mk_string.c) of the Monkey project, fixed by updating to commit f37e984 or later. The vulnerability allows a crafted HTTP request to trigger a Denial of Service via the affected string-search path. Affected componen...

CVSS: 7.5, AI score: 5.9, EPSS: 0.01223
Exploits: 1, References: 2, Affected Software: 1

Packet Storm News
added 2025/12/18 12:0 a.m., 3 views

AutoDFBench 1.0: A Benchmarking Framework for Digital Forensic Tool Testing and Generated Code Evaluation

The National Institute of Standards and Technology (NIST) Computer Forensic Tool Testing (CFTT) programme has become the de facto standard for providing digital forensic tool testing and validation. However to date, no comprehensive framework exists to automate benchmarking across the diverse forensi...

AI score: 7.3
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-7552

Malware in sbrugna...

CVSS: 7.8, AI score: 7.6, EPSS: 0.00184
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-5914

Malicious code in bioql PyPI...

CVSS: 7.5, AI score: 7.6, EPSS: 0.00351
Exploits: 1, References: 2

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-6069

Malicious code in bioql PyPI...

CVSS: 5.3, AI score: 5.6, EPSS: 0.00232
Exploits: 1, References: 4

RedhatCVE
added 2025/05/22 2:22 a.m., 5 views

CVE-2017-16358

In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search...

CVSS: 7.8, AI score: 6.7, EPSS: 0.00184
Exploits: 0, References: 1

CNVD
added 2022/06/21 12:0 a.m., 16 views

fast-string-search denial-of-service vulnerability

fast-string-search is a search function that can search for strings using N-API and boyer-moore-magiclen. fast-string-search suffers from a denial-of-service vulnerability that stems from incorrect computation of non-string input, which can be exploited by an attacker to cause fast-string-search...

CVSS: 5, AI score: 4.3, EPSS: 0.00351
Exploits: 1

Github Security Blog
added 2022/06/18 12:0 a.m., 25 views

Uncontrolled Resource Consumption in fast-string-search

All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...

CVSS: 7.5, AI score: 5.2, EPSS: 0.00351
Exploits: 1, References: 3, Affected Software: 1

Github Security Blog
added 2022/06/18 12:0 a.m., 18 views

Out-of-bounds Read in fast-string-search

All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...

CVSS: 5.3, AI score: 5.5, EPSS: 0.00232
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2022/06/18 12:0 a.m., 18 views

GHSA-HMQG-P8F8-3QRW Out-of-bounds Read in fast-string-search

All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...

CVSS: 5.3, AI score: 5.1, EPSS: 0.00232
Exploits: 1, References: 4

OSV
added 2022/06/17 8:15 p.m., 0 views

CVE-2022-22138

All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation...

CVSS: 7.5, AI score: 5.8
Exploits: 0, References: 1

NVD
added 2022/06/17 8:15 p.m., 5 views

CVE-2022-25872

All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...

CVSS: 5.3, EPSS: 0.00232
Exploits: 1, References: 2