CVE-2024-43406

CVE-2024-43406 affects LF Edge eKuiper. The vulnerability is a SQL Injection in the sqlKvStore.Get path, stemming from insufficient input handling that allows execution of malicious SQL queries. Public references (GHSA and OSV) describe the same issue affecting multiple entry points (e.g., explai...

CVE-2021-41186

Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parserapache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service ReDoS vulnerability. A broken apache log with a certain pattern of string ca...

CVE-2021-37714

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

CVE-2020-10072

Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions = v1.14.2, = v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges CWE-280. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc...