8 matches found
Improper Neutralization of Special Elements in Data Query Logic
Overview org.springframework.ai:spring-ai-milvus-store is a Spring AI Vector Store - Milvus Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vecto...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the isSensitiveSpec function which calls grpcomni.CreateResource without checking if the resource's metadata field is nil. An attacker can cause a server crash and disrupt service availability by sending emp...
PT-2024-32953 · WordPress · Acf Images Search/Insert
Name of the Vulnerable Software and Affected Versions: ACF Images Search And Insert versions 1.1.4 and earlier Description: The issue affects the ACF Images Search And Insert plugin, allowing unrestricted upload of files with dangerous types, such as a web shell, to a web server. This could...
OESA-2023-1383 runc security update
runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a...
Important: runc
Issue Overview: runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not...
DEBIAN-CVE-2023-28642
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...
DEBIAN-CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...
UBUNTU-CVE-2023-25809
runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...