372383 matches found
CVE-2024-58364
CVE-2024-58364 affects SurrealDB before 1.2.1. An uncaught exception in the span rendering path triggers a panic when parsing malformed queries with errors on line terminator characters, leading to server denial of service. Public details in the connected sources indicate the impact is an in-proc...
CVE-2024-58362
SurrealDB vulnerability CVE-2024-58362 affects prior releases (before 1.5.5 and 2.0.0-beta before 2.0.0-beta.3) where an arbitrary object can be accepted in signin/signup via the RPC API without recursive validation for non-computed values. An unauthenticated attacker could encode a binary object...
CVE-2024-58363
SurrealDB prior to 1.5.4 contains an authentication validation flaw when a scope user switches databases with USE or the use method. If an authenticated session encounters a user identifier that exists in a different database, an attacker can impersonate an unrelated user in that database, enabli...
CVE-2024-58361
SurrealDB is affected in versions before 2.0.4 by an uncaught exception in the parser error rendering path when processing empty strings. Authorized clients can issue malformed queries that convert empty strings to record, duration, or datetime types, triggering a panic in error rendering and cra...
CVE-2024-58359
SurrealDB prior to 2.1.0 contains a denial-of-service vulnerability in the sorting path when using ORDER BY rand(). Authorized clients can trigger a panic in the sorting function, crashing the server. The CVE covers SurrealDB versions before 2.1.0; exploitation details, affected versions beyond w...
CVE-2024-58358
SurrealDB versions before 2.1.0 are affected by a denial-of-service flaw in the role conversion logic. The issue lets privileged owner users define users with nonexistent roles; signing in with a user assigned an invalid role can trigger an uncaught panic, crashing the server. The vulnerability i...
CVE-2024-58357
CVE-2024-58357 affects SurrealDB versions before 2.1.0. The vulnerability is an uncaught exception in the Rust rand::time() function that panics when unwrap is called on a None result from timestamp_opt. Authorized clients can repeatedly invoke rand::time() to trigger server panics, causing denia...
CVE-2024-58356
SurrealDB prior to version 2.1.4 is affected by a permission-bypass issue. When using DEFINE TABLE ... OVERWRITE on tables defined with TYPE RELATION, the PERMISSIONS clause is not applied, so tightened permissions may not take effect and an authorized client could continue to access data. Affect...
CVE-2023-54366
CVE-2023-54366 affects SurrealDB prior to 1.0.1, where default table permissions are set to FULL instead of NONE. This misconfiguration allows attackers with database access or unauthenticated users on publicly exposed instances to perform uncontrolled SELECT, CREATE, UPDATE, and DELETE operation...
CVE-2026-16117
The CVE concerns @fastify/http-proxy (affected: up to 11.5.0) where URL prefix rewriting fails when the prefix segment is URL-encoded. Fastify decodes paths for route matching, but request.url keeps the original encoded form. The prefixRewrite step compares against the decoded prefix using a lite...
CVE-2026-16119
CVE-2026-16119 affects nextlevelbuilder GoClaw up to 3.13.2, specifically the WebSocket Approval Endpoint’s internal/tools/exec_approval.go, function RequestApproval. A manipulation can cause incorrect authorization, and the attack can be carried out remotely. The exploit has been made public, wi...
CVE-2026-59173
CVE-2026-59173 affects Apache Traffic Server versions 9.0.0–9.1.13 and 10.0.0–10.1.2. It describes an Uncontrolled Resource Consumption (DoS) scenario associated with HTTP/2 flow-control behavior. Upstream remediation is to upgrade to 9.1.14 or 10.1.3, which fixes the issue. The CVE entry consist...
CVE-2026-15631
The CVE affects the Node.js package @fastify/http-proxy, versions 9.4.0 through 11.5.0. A WebSocket routing flaw in WebSocketProxy.findUpstream lets the WHATWG URL constructor collapse dot segments, causing crafted upgrade requests with path traversal to bypass the configured rewrite prefix and r...
CVE-2026-9147
CVE-2026-9147 affects uproot 5.7.4 and prior. The issue arises when uproot dynamically generates Python class source code from ROOT TStreamerInfo records and compiles it at runtime. Some file-controlled streamer metadata fields (e.g., streamer element names) are interpolated into the generated Py...
CVE-2026-16158
Affected component: @fastify/reply-from. Versions 8.3.1 up to, but not including, 12.6.4 construct an internal URL cache key by concatenating destination and source paths without a delimiter, enabling cross-upstream data access when getUpstream selects an upstream from request data. This can caus...
CVE-2026-16097
CVE-2026-16097 affects Shibby Tomato 1.28, specifically the Scheduler Name Handler’s sub_42537C function. Manipulating the argument a1 yields a stack-based buffer overflow, with remote execution possible. The issue is noted as superseded by FreshTomato. CVSS metrics in the accompanying data indic...
CVE-2026-16096
CVE-2026-16096 affects Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. a stack-based overflow in the function sub_40BB50 of /proc/webmon_recent_domains can be triggered remotely. CVSS metrics indicate high impact to confidentiality, integrity, and availability (network vector, low access/privilege re...
CVE-2026-16095
The CVE-2026-16095 issue affects Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. Affects the function setup_conntrack in /sbin/rc. Manipulating the argument ct_tcp_timeout can cause an out-of-bounds write, with a remote attacker able to trigger it. The project is superseded by FreshTomato. No remedia...
CVE-2026-16088
Summary : CVE-2026-16088 affects halo-dev halo up to version 2.24.2. The vulnerability targets the Download function in MigrationEndpoint.java within the Files Backup Endpoint, where input manipulation enables path traversal. This allows remote exploitation, and public exploits have surfaced. Det...
CVE-2026-16085
The vulnerability CVE-2026-16085 affects Sipeed PicoClaw up to version 0.2.9. It resides in the function NewContextBuilder in pkg/agent/context.go, where manipulation can cause inclusion of functionality from an untrusted control sphere. The attack is local, and the exploit has been publicly disc...