6 matches found
CVE-2026-44221
ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...
CVE-2026-44221 ArcadeDB: Cross-database authorization bypass and unsecured newly-created databases
ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an...
ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases
Impact Authenticated users and API tokens scoped to a specific database could read, write, and mutate schema on any other database on the same server. Two distinct defects contributed: 1 ServerSecurityUser.getDatabaseUser returned a DB user with an uninitialized fileAccessMap, which...
Compiler optimisation leads to SEGFAULT
Affected versions of the pnet crate were optimized out by compiler, which caused dereference of uninitialized file descriptor which caused segfault...
Compiler optimisation for next_with_timeout in pnet::transport::IcmpTransportChannelIterator flaws to SEGFAULT
Affected versions of this crate were optimized out by compiler, which caused dereference of uninitialized file descriptor which caused segfault...
CVE-2007-6263
The dataconn function in ftpd.c in netkit ftpd netkit-ftpd 0.17, when certain modifications to support SSL have been introduced, calls fclose on an uninitialized file stream, which allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via som...