2182 matches found
EUVD-2025-198870
Malicious code in @ensdomains/name-wrapper npm...
Malicious code in @ensdomains/name-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cfefd8b0b2d182a283e0934b365d98833a12639552eab96ebe6b69572c15c0d The package @ensdomains/name-wrapper was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190807 Malicious code in @ensdomains/name-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cfefd8b0b2d182a283e0934b365d98833a12639552eab96ebe6b69572c15c0d The package @ensdomains/name-wrapper was found to contain malicious code. Source: ghsa-malware...
CVE-2025-64182
A memory-safety vulnerability has been identified in the Python bindings of OpenEXR, where improper checks on image channels and attribute stealing operations may result in buffer overflow when processing crafted EXR files or Python objects. An attacker supplying a malicious EXR file or crafted...
GO-2025-4119 AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance in github.com/aws/aws-advanced-go-wrapper/awssql
AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance in github.com/aws/aws-advanced-go-wrapper/awssql...
Uncontrolled Search Path Element
Overview software.amazon.jdbc:aws-advanced-jdbc-wrapper is an Amazon Web Services AWS Advanced JDBC Wrapper Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unqualified SQL function and operator references in the database dialect components. An attacker...
EUVD-2025-180214
AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance...
Uncontrolled Search Path Element
Overview awsadvancedpythonwrapper is an Amazon Web Services AWS Advanced Python Driver Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unqualified SQL function and operator references in the database dialect components. An attacker can execute malicious...
Uncontrolled Search Path Element
Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unqualified SQL function and operator references in the database dialect components. An attacker can execute malicious code with elevated privileges by creating crafted functions with names that...
Uncontrolled Search Path Element
Overview aws-advanced-nodejs-wrapper is a Affected versions of this package are vulnerable to Uncontrolled Search Path Element due to unqualified SQL function and operator references in the database dialect components. An attacker can execute malicious code with elevated privileges by creating...
AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
GHSA-8WJ8-CFXR-9374 AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
EUVD-2025-180216
AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance...
GHSA-7WQ2-32H4-9HC9 AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
AWS Advanced Go Wrapper: Privilege Escalation in Aurora PostgreSQL Instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
ch.admin.bit.jeap:jeap-archrepo-docgen (>=2.10.0 <=3.1.1), ch.admin.bit.jeap:jeap-archrepo-importer-openapi (>=1.10.0 <=3.1.1) +8 more potentially affected by CVE-2025-12967 via software.amazon.jdbc:aws-advanced-jdbc-wrapper (>=2.3.7 <=2.5.6)
software.amazon.jdbc:aws-advanced-jdbc-wrapper MAVEN version =2.3.7, =2.10.0, =1.10.0, =1.15.0, =1.10.0, =1.10.0, =1.10.0, =1.10.0, =17.16.0, =2.0.0, =26.6.0, =26.6.2 Source cves: CVE-2025-12967 Source advisory: OSV:GHSA-7XW4-G7MM-R4HH...
EUVD-2025-180218
Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance...
Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
GHSA-7XW4-G7MM-R4HH Amazon Web Services Advanced JDBC Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
GHSA-4JVF-WX3F-2X8Q AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...