CVE-2024-10947 - Critical SQL Injection in Guangzhou Tuchuang Interlib Library Cluster Automation Management System (≤2..1)
A critical vulnerability, known as CVE-2024-10947, was discovered in the Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System up to version 2.
CVE-2024-31880 - Understanding and Exploiting the IBM Db2 Denial of Service Vulnerability
In June 2024, a new vulnerability—CVE-2024-31880—was publicly disclosed for IBM Db2 for Linux, UNIX, and Windows (including Db2 Connect Server), affecting versions 10.
CVE-2024-9264 - Grafana’s Experimental SQL Expressions Let Attackers Inject Code with `duckdb`
Grafana is one of the most popular open-source analytics and monitoring tools out there. But sometimes, new features can bring new risks – and CVE-2024-9264 proves
CVE-2023-39593 - Insecure Permissions in MariaDB sys_exec Function Explained
CVE-2023-39593 is a security issue that caused a buzz in the MariaDB user community. This potential vulnerability is about how the sys_exec function in
CVE-2024-27766 - MariaDB v11.1 Remote Code Execution via `lib_mysqludf_sys.so` — Understanding the Risks, Disputes, and Exploit Demonstration
In early 2024, a vulnerability was reported as CVE-2024-27766, affecting MariaDB version 11.1. According to the initial report, a remote attacker could potentially execute