
84 matches found

Positive Technologies
added 2024/01/16 12:0 a.m. | 2 views

PT-2024-1538

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.35 and prior; MySQL Server versions 8.2.0 and prior. Description: The vulnerability exists in the MySQL Server product due to insufficient input validation in the User-Defined Function (UDF) component. This allows a...

CVSS 9.8 | AI score 5.6 | EPSS 0.49353
Exploits 8 | References 421
CNNVD
added 2024/01/15 12:0 a.m. | 1 views

Apache IoTDB Security Vulnerabilities

Apache IoTDB is an integrated data management engine for time series data from the Apache Foundation (USA), which provides data collection, storage and analysis services, among others. A security vulnerability exists in Apache IoTDB versions 1.0.0 through 1.2.2, which can be exploited by a...

CVSS 9.8 | AI score 7.8 | EPSS 0.03439
Exploits 0 | References 3
CNNVD
added 2023/11/30 12:0 a.m. | 2 views

Apache DolphinScheduler Security Vulnerability

Apache DolphinScheduler is a modern data scheduling platform from the Apache Foundation (USA). A security vulnerability exists in Apache DolphinScheduler versions prior to 3.1.0, which stems from the ability of a logged-in user to delete, without authorization, a resource center via a UDF function...

CVSS 6.5 | AI score 6.7 | EPSS 0.00333
Exploits 0 | References 3
OSV
added 2023/10/17 10:15 p.m. | 1 views

AZL-31584 CVE-2023-22111 affecting package mysql for versions less than 8.0.34-1

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVSS 4.9 | AI score 6.5 | EPSS 0.00074
Exploits 0 | References 1
ATTACKERKB
added 2023/08/14 7:15 p.m. | 0 views

CVE-2023-28483

An issue was discovered in Tigergraph Enterprise 3.7.0. The GSQL query language provides users with the ability to write data to files on a remote TigerGraph server. The locations that a query is allowed to write to are configurable via the GSQL.FileOutputPolicy configuration setting. GSQL querie...

CVSS 8.8 | AI score 5.9 | EPSS 0.00033
Exploits 1 | References 2
Positive Technologies
added 2023/07/25 12:0 a.m. | 1 views

PT-2023-26482 · Tdengine · Tdengine

Name of the Vulnerable Software and Affected Versions: TDengine versions prior to 3.0.7.1. Description: TDengine is an open source, time-series database optimized for Internet of Things devices. The issue affects TDengine Databases that allow users to connect and run arbitrary queries, causing the...

CVSS 6.5 | AI score 6.5 | EPSS 0.00259
Exploits 0 | References 6
CNNVD
added 2023/07/25 12:0 a.m. | 1 views

TDengine Input Validation Error Vulnerability

TDengine is an open source, high performance, cloud-native time series database from TDengine. An input validation error vulnerability exists in versions prior to TDengine 3.0.7.1, which stems from the database crashing on a UDF nested query resulting in a denial of service, allowing an attacker ...

CVSS 6.5 | AI score 6.6 | EPSS 0.00259
Exploits 0 | References 2
SUSE CVE
added 2023/02/15 5:33 a.m. | 1 views

SUSE CVE-2013-7491

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated...

CVSS 7.8 | AI score 7.1 | EPSS 0.00385
Exploits 0 | References 4
SUSE CVE
added 2023/02/15 4:51 a.m. | 1 views

SUSE CVE-2017-3529

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: UDF). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 5.3 | AI score 7.5 | EPSS 0.00441
Exploits 0 | References 4
OSV
added 2022/12/24 11:4 a.m. | 1 views

OESA-2022-2146 sqlite security update

Security Fixes: SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908...

CVSS 7.3 | AI score 7.1 | EPSS 0.00136
Exploits 1 | References 2
OSV
added 2022/12/12 6:15 a.m. | 0 views

UBUNTU-CVE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

CVSS 7.3 | AI score 6.8 | EPSS 0.00136
Exploits 1 | References 5
CNNVD
added 2022/09/05 12:0 a.m. | 3 views

TigerGraph Input Validation Error Vulnerability

TigerGraph is one of the world's fastest and most scalable graph analytics platforms from the TigerGraph community, enabling real-time big data graph applications. TigerGraph version 3.6.0 suffers from an input validation error vulnerability that stems from a User Defined Function (UDF) feature tha...

CVSS 8.8 | AI score 7.9 | EPSS 0.00636
Exploits 0 | References 3
CNNVD
added 2022/07/16 12:0 a.m. | 1 views

Apache Hive Access Control Error Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...

CVSS 7.5 | AI score 5.7 | EPSS 0.00451
Exploits 1 | References 2
CNNVD
added 2021/03/01 12:0 a.m. | 1 views

Apache AsterixDB Path Traversal Vulnerability

Apache AsterixDB is an open source database management software from Apache that provides a scalable open source big data management system. A security vulnerability exists in Apache AsterixDB that stems from a specially crafted zip file that can place files outside of the UDF deployment directory when...

CVSS 5.5 | AI score 5.7 | EPSS 0.08536
Exploits 0 | References 2
RedHat Linux
added 2020/09/15 6:30 p.m. | 2 views

mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 6.5 | AI score 7.2 | EPSS 0.00658
Exploits 0 | References 5
RedHat Linux
added 2020/09/14 12:58 p.m. | 0 views

mysql: Server: UDF unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVSS 6.5 | AI score 7.2 | EPSS 0.00658
Exploits 0 | References 5
OSV
added 2020/09/11 7:15 p.m. | 2 views

DEBIAN-CVE-2013-7491

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated...

CVSS 5.3 | AI score 6.4 | EPSS 0.00385
Exploits 0 | References 1
Prion
added 2020/09/11 7:15 p.m. | 11 views

Design/Logic Flaw

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated...

CVSS 5 | AI score 7.3 | EPSS 0.00385
Exploits 0 | References 3 | Affected Software 1
OSV
added 2020/09/11 7:15 p.m. | 0 views

UBUNTU-CVE-2013-7491

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated...

CVSS 5.3 | AI score 7 | EPSS 0.00385
Exploits 0 | References 4
Cvelist
added 2020/09/11 6:37 p.m. | 17 views

CVE-2013-7491

An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated...

AI score 5.4 | EPSS 0.00385
Exploits 0 | References 3