RHEL 9 : mysql:8.4 (RHSA-2025:16046)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16046 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

Linux Distros Unpatched Vulnerability : CVE-2023-26785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a create function statement...

Linux Distros Unpatched Vulnerability : CVE-2024-27766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the libmysqludfsys.so function. NOTE: this is disputed by the MariaDB Foundati...

Linux Distros Unpatched Vulnerability : CVE-2023-22111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.33 and prior. Easily exploitable...

CVE-2023-28483

An issue was discovered in Tigergraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL querie...

GHSA-F4RQ-F4J9-F6RM Apache IoTDB Vulnerable to Remote Code Execution

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

PYSEC-2025-59

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who hasprivilege to create UDF can register malicious function fromuntrusted URI.This issue affects Apache IoTDB: from 1.0.0 before 1.3.4.Users are recommended to upgrade to version 1.3.4, which fixes the...

CVE-2024-24780

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

CVE-2024-24780 Apache IoTDB: Remote Code Execution with untrusted URI of User-defined function

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

CVE-2024-24780 Apache IoTDB: Remote Code Execution with untrusted URI of User-defined function

Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has privilege to create UDF can register malicious function from untrusted URI. This issue affects Apache IoTDB: from 1.0.0 before 1.3.4. Users are recommended to upgrade to version 1.3.4, which fixes...

udf: fix uninit-value use in udf_get_fileshortad

...

SUSE CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

UBUNTU-CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

PT-2024-4009 · Pytorch · Pytorch

Name of the Vulnerable Software and Affected Versions: PyTorch versions prior to 2.2.2 Description: The vulnerability in PyTorch's torch.distributed.rpc framework allows for remote code execution RCE due to the lack of proper verification of functions being called during RPC operations. This...

mysql: Server: UDF unspecified vulnerability (CPU Oct 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

mysql: Server: UDF unspecified vulnerability (CPU Jan 2024)

Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server...

CVE-2023-52296

IBM DB2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: 278547...

PT-2024-14508 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM DB2 for Linux, UNIX and Windows includes Db2 Connect Server version 11.5 Description: The issue is related to a denial of service condition that can occur when querying a specific UDF built-in function concurrently. Recommendations: For I...

mysql: Server: UDF unspecified vulnerability (CPU Jan 2024)

Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server...