The vulnerability of the Amazon Redshift JDBC driver lies in the lack of security measures for SQL query structures, allowing attackers to exploit this to increase their privileges.

The vulnerability of the Amazon Redshift JDBC driver is related to the lack of security measures for SQL query structures. Exploiting this vulnerability can allow attackers to enhance their privileges...

PT-2025-37972

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained an issue in the networking component net: rose related to reference counting of rose neigh structures. The implementation maintained separate reference counts ...

CVE-2024-56621

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcdremove Currently, RTC work is only cancelled during ufshcdwlsuspend. When ufshcd is removed in ufshcdremove, RTC work is not cancelled. Due to this, any further trigger of the RTC wor...

OESA-2024-2587 golang security update

. Security Fixes: Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.CVE-2024-34155 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a...

Important: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

The vulnerability of Adobe Connect web conference software lies in the lack of protective measures for website structures, allowing attackers to enhance their privileges and execute arbitrary code.

The vulnerability of Adobe Connect web conference software relates to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and execute arbitrary code...

OESA-2024-2506 golang security update

. Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.CVE-2024-34156...

OESA-2024-2505 golang security update

. Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.CVE-2024-34156...

CVE-2024-52596

SimpleSAMLphp xml-common is a common classes for handling XML-structures. When loading an untrusted XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 1.19.0...

Stack Overflow

TOML parser is vulnerable to stack overflow. The vulnerability is due to improper handling of deeply nested structures in the TOML parser, which can lead to a stack overflow when encountering deeply nested inline structures or stringifying deeply nested objects. It allows an attacker to craft a...

MGASA-2024-0376 Updated golang packages fix security vulnerabilities

Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. CVE-2024-34155 Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Calling Parse o...

The vulnerability of the Windows Active Directory (AD) management and reporting software Zoho ManageEngine ADAudit Plus lies in the lack of protection for SQL query structures, allowing attackers to execute custom queries and gain access to database table records.

The vulnerability of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of protection for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute custom queries and gain access to database table...

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks lies in the lack of protective measures for SQL query structures, allowing attackers to execute arbitrary code.

The vulnerability of the Ivanti Endpoint Manager software for managing endpoints in information networks relates to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...