5 matches found
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the NGAP handover failure message processing. An attacker can cause the service to crash and disrupt connectivity for all users by forcing a gNodeB to send NGAP handover failure messages. Remediation Upgrade...
CVE-2025-29847
A vulnerability in Apache Linkis. Problem Description When using the JDBC engine and da When using the JDBC engine and data source functionality, if the URL parameter configured on the frontend has undergone multiple rounds of URL encoding, it may bypass the system's checks. This bypass can trigg...
Authorization Bypass Through User-Controlled Key
Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the /admin/accounts/users/username endpoint. An attacker can obtain sensitive information...
PYSEC-2024-66
dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...
PT-2023-9417 · Scipy +6 · Scipy +6
Name of the Vulnerable Software and Affected Versions: SciPy versions prior to 1.8.0 Description: A use-after-free issue was discovered in the Py FindObjects function. The vendor and discoverer indicate that this is not a security issue. The issue is related to the use of memory after it has been...