63 matches found
Astra Linux – Vulnerability in SQLite3
SQLite version 3.31.1 allows attackers to cause a denial of service segmentation fault through a malformed window-function query, due to improper handling of the initialization of the AggInfo object...
ROS-20260615-73-0017
The vulnerability of the xfAppUpdateWindowFromSurface function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Astra Linux – Vulnerability in Mariadb 10.3
SaveWindowFunctionValues in MariaDB before 10.6.3 can cause an application to crash due to incorrect handling of withWindowFunc=true for a subquery...
Siemens SIMATIC S7-1500 Use After Free (CVE-2019-5018)
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this...
EUVD-2020-3998
Malware in sbrugna...
EUVD-2024-52760
Malicious code in bioql PyPI...
EUVD-2021-33334
Malicious code in bioql PyPI...
CVE-2024-55272
An issue in Brainasoft Braina v2.8 allows a remote attacker to obtain sensitive information via the chat window function...
CVE-2024-55272
An issue in Brainasoft Braina v2.8 allows a remote attacker to obtain sensitive information via the chat window function...
CVE-2024-55272
Technical details are not publicly available in the provided documents. Monitor for updates.
CLSA-2024-1731344359 Fix CVE(s): CVE-2020-27763
SECURITY UPDATE: Division by zero vulnerability - debian/patches/CVE-2020-27763.patch: Fix window function scaling in resize.c to avoid division on every filter call - CVE-2020-27763...
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
...
BIT-SQLITE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
sqlite: Crash due to misuse of window functions.
A flaw was found in SQLite. A buffer overflow vulnerability allows a local attacker to cause a denial of service via a crafted script...
mariadb: crash via window function in expression in ORDER BY
A flaw was found in the MariaDB Server. It contains a segmentation fault via the component, sql/fieldconv.cc, affecting availability...
sqlite: Crash due to misuse of window functions.
A flaw was found in SQLite. A buffer overflow vulnerability allows a local attacker to cause a denial of service via a crafted script...
SUSE CVE-2019-13219
A NULL pointer dereference in the getwindow function in stbvorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file...
SUSE CVE-2020-11655
SQLite through 3.31.1 allows attackers to cause a denial of service segmentation fault via a malformed window-function query because the AggInfo object's initialization is mishandled...
SUSE CVE-2021-46658
savewindowfunctionvalues in MariaDB before 10.6.3 allows an application crash because of incorrect handling of withwindowfunc=true for a subquery...
PT-2022-27677 · Unknown · Paddlepaddle
Name of the Vulnerable Software and Affected Versions: PaddlePaddle versions prior to 2.4 Description: The issue arises from the paddle.audio.functional.get window function calling eval on a user-supplied winstr, leading to potential code injection and arbitrary code execution. Recommendations: F...