mariadb: MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures...

The vulnerability of the software responsible for creating, monitoring, and orchestrating data processing scripts in Airflow lies in its ability to restore unreliable data structures in memory, allowing an attacker to execute arbitrary code or cause service failures.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

The vulnerability of the Spring Framework configuration implementation for microprogramming sensors for monitoring the Keysight N6841A RF device and the Keysight N6854A geolocation sensors allows a perpetrator to execute arbitrary code.

The vulnerability of the Spring Framework configuration for microprogramming sensors for monitoring Keysight N6841A RF devices, as well as the microprogramming software for geolocation systems from Keysight N6854A, lies in the recovery of unreliable data structures in memory. Exploiting this...

GO-2022-0526 Stack exhaustion when decoding certain messages in encoding/gob

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion...

[SECURITY] Fedora 35 Update: golang-github-pelletier-toml-1.9.4-2.fc35

Go-toml provides the following features for using data parsed from TOML documents: - Load TOML documents from files and string data - Easily navigate TOML structure using Tree - Mashaling and unmarshaling to and from data structures - Line & column position data for all parsed elements - Query...

[SECURITY] Fedora 35 Update: golang-github-ledisdb-0.6-5.20210112gitd35789e.fc35

Ledisdb is a high-performance NoSQL database library and server written in Go. It's similar to Redis but store data in disk. It supports many data structures including kv, list, hash, zset, set. LedisDB now supports multiple different databases as backends...

[SECURITY] Fedora 35 Update: golang-github-gogo-protobuf-1.3.2-5.fc35

Gogoprotobuf is a fork of golang/protobuf with extra code generation features. This code generation is used to achieve: - fast marshalling and unmarshalling - more canonical Go structures - goprotobuf compatibility - less typing by optionally generating extra helper code - peace of mind by...

[SECURITY] Fedora 36 Update: golang-github-pelletier-toml-1.9.4-2.fc36

Go-toml provides the following features for using data parsed from TOML documents: - Load TOML documents from files and string data - Easily navigate TOML structure using Tree - Mashaling and unmarshaling to and from data structures - Line & column position data for all parsed elements - Query...

[SECURITY] Fedora 36 Update: golang-github-ledisdb-0.6-5.20210112gitd35789e.fc36

Ledisdb is a high-performance NoSQL database library and server written in Go. It's similar to Redis but store data in disk. It supports many data structures including kv, list, hash, zset, set. LedisDB now supports multiple different databases as backends...

GHSA-WW3V-6XJF-JV28 Uncontrolled Resource Consumption in Spray JSON

Recursive decent parsers are susceptible too StackOverflowExceptions on too deeply nested structures as currently "open" parsing state is kept on the stack...

Does not set the offerer as the recipient if execution amount is nonzero

Lines of code Vulnerability details Impact Order structures will be corrupted through invalid fulfillment application logic. Proof of Concept Tools Used Manual inspection Recommended Mitigation Steps Change to // Set the offerer as the receipient if execution amount is nonzero. if...

EulerOS 2.0 SP3 : mariadb (EulerOS-SA-2022-1746)

According to the versions of the mariadb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - MariaDB through 10.5.9 allows an application crash in findfieldintables and findorderinlist via an unused common table expression CTE...

Plone Information Disclosure

atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name...

[SECURITY] Fedora 35 Update: redis-6.2.7-1.fc35

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

[SECURITY] Fedora 36 Update: golang-github-francoispqt-gojay-1.2.13-6.fc36

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

DEBIAN-CVE-2021-38443

Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser...

CVE-2021-38443

Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser...

UBUNTU-CVE-2021-38443

Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser...

CVE-2022-29859

component/common/network/dhcp/dhcps.c in ambiot amb1sdk aka SDK for Ameba1 before 2022-03-11 mishandles data structures for DHCP packet data...

CVE-2022-29859

component/common/network/dhcp/dhcps.c in ambiot amb1sdk aka SDK for Ameba1 before 2022-03-11 mishandles data structures for DHCP packet data...