CVE-2022-27452
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_cmpfunc.cc.
Source: CVE-2022-27452
[월:] 2022년 04월
CVE-2022-27449
CVE-2022-27449
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_func.cc:148.
Source: CVE-2022-27449
CVE-2022-27444
CVE-2022-27444
MariaDB Server v10.9 and below was discovered to contain a segmentation fault via the component sql/item_subselect.cc.
Source: CVE-2022-27444
CVE-2022-26507
CVE-2022-26507
** UNSUPPORTED WHEN ASSIGNED ** A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Source: CVE-2022-26507
CVE-2021-43286
CVE-2021-43286
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create a new pipeline on a GoCD server can abuse a command-line injection in the Git URL "Test Connection" feature to execute arbitrary code.
Source: CVE-2021-43286
CVE-2021-43633
CVE-2021-43633
Sourcecodester Messaging Web Application 1.0 is vulnerable to stored XSS. If a sender inserts valid scripts into the chat, the script will be executed on the receiver chat.
Source: CVE-2021-43633
CVE-2021-43288
CVE-2021-43288
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker in control of a GoCD Agent can plant malicious JavaScript into a failed Job Report.
Source: CVE-2021-43288
CVE-2021-43289
CVE-2021-43289
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into an arbitrary directory of a GoCD server, but does not control the filename.
Source: CVE-2021-43289
CVE-2021-43290
CVE-2021-43290
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker who has compromised a GoCD agent can upload a malicious file into a directory of a GoCD server. They can control the filename but the directory is placed inside of a directory that they can’t control.
Source: CVE-2021-43290
CVE-2022-27448
CVE-2022-27448
There is an Assertion failure in MariaDB Server v10.9 and below via ‘node->pcur->rel_pos == BTR_PCUR_ON’ at /row/row0mysql.cc.
Source: CVE-2022-27448