CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

CVE-2024-41434

PingCAP TiDB v8.1.0 is affected by a buffer overflow in the (*Column).GetDecimal path that can enable a Denial of Service via crafted input to RemoveUnnecessaryFirstRow. The issue arises because the code checks the expression between Agg and GroupBy but does not verify the return type. PingCAP di...

CVE-2024-41433

CVE-2024-41433 affects PingCAP TiDB 8.1.0, with a buffer overflow in the component expression.ExplainExpressionList. The vulnerability could allow an attacker to induce a Denial of Service via crafted input. PingCAP notes that the reproduced issue did not cause service interruption for other user...

CVE-2024-41434

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component Column.GetDecimal. This allows attackers to cause a Denial of Service DoS via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the retu...

openSUSE 15 Security Update : curl (SUSE-SU-2023:2224-2)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2224-2 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash...

CVE-2023-28321

An improper certificate validation vulnerability exists in curl v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS...

CVE-2023-28320

A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...

Code injection

Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups...

BSA-2018-539

Security Advisory ID : BSA-2018-539 Component : OpenSSH Revision : 2.0: Final The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffe...

Concrete CMS: Stored XSS in RSS Feeds Title (Concrete5 v8.1.0)

Summary / Description: The RSS Feeds Title pfTitle= parameter does not correctly sanitize user input. This allows HTML & Javascript to be stored and executed any time someone visits /index.php/dashboard/pages/feeds Steps to Reproduce 1. Open up Firefox 2. Login /index.php/login 3. Visit...

Concrete CMS: Stored XSS in Express Objects - Concrete5 v8.1.0

Summary / Description: The Entry Name name parameter does not correctly sanitize user input. This allows HTML & Javascript to be stored and executed any time someone visits index.php/dashboard/express/entries Steps to Reproduce 1. Open up Firefox 2. Login /index.php/login 3. Visit...

Concrete5 CMS 8.1.0 - Host Header Injection

Concrete5 CMS 8.1.0 - Host Header Injection + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CONCRETE5-v8.1.0-HOST-HEADER-INJECTION.txt + ISR: ApparitionSec Vendor: ================== www.concrete5.org Product:...