5 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-9489
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or...
SQL Injection
Overview apache-airflow-providers-common-sql is a Provider package apache-airflow-providers-common-sql for Apache Airflow Affected versions of this package are vulnerable to SQL Injection via the partitionclause parameter in SQLTableCheckOperator. An attacker can escalate privileges and execute...
PT-2023-17408 · WordPress · Forminator
Name of the Vulnerable Software and Affected Versions: Forminator WordPress plugin versions prior to 1.24.1 Description: The issue arises from the plugin not using an atomic operation to check whether a user has already voted and then update that information, leading to a Race Condition. This...
SUSE CVE-2020-9489
A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade ...
MediaWiki XXE Vulnerability - Windows
The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service DoS, or possibly have other impact via an XML external entity XXE attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...