CVE-2025-46578 – GoldenDB Database SQL Injection Vulnerability

April 27, 2025

CVE ID : CVE-2025-46578

Published : April 27, 2025, 2:15 a.m. | 48 minutes ago

Description : There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46579 – GoldenDB DDE Injection Vulnerability

Next Article CVE-2025-46577 – GoldenDB Database SQL Injection Vulnerability

Highlights

CVE-2025-38162 – Linux Kernel Netfilter NFT Set Pipapo Integer Overflow Vulnerability

July 3, 2025

CVE ID : CVE-2025-38162

Published : July 3, 2025, 9:15 a.m. | 2 hours, 14 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_pipapo: prevent overflow in lookup table allocation

When calculating the lookup table size, ensure the following
multiplication does not overflow:

– desc->field_len[] maximum value is U8_MAX multiplied by
NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case.
– NFT_PIPAPO_BUCKETS(f->bb) is 2^8, worst case.
– sizeof(unsigned long), from sizeof(*f->lt), lt in
struct nft_pipapo_field.

Then, use check_mul_overflow() to multiply by bucket size and then use
check_add_overflow() to the alignment for avx2 (if needed). Finally, add
lt_size_check_overflow() helper and use it to consolidate this.

While at it, replace leftover allocation using the GFP_KERNEL to
GFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

DistroWatch Weekly, Issue 1132

I ran with the Apple Watch and Samsung Watch 8 – here’s the better AI coach

8 smart home gadgets that instantly upgraded my house (and why they work)

I tested Panasonic’s new affordable LED TV model – here’s my brutally honest buying advice

The details of TC39’s last meeting

The details of TC39’s last meeting

NativePHP Is Entering Its Next Phase

Medical Card Generator Android App Project Using SQLite

Microsoft Edge shifts to Copilot-first UI on Windows 11 as Perplexity Comet gains traction

Microsoft Edge shifts to Copilot-first UI on Windows 11 as Perplexity Comet gains traction

Is CDKeys Trustworthy? Everything You Need to Know Before Buying

Microsoft confirms Windows 11 24H2 stability issues, affecting games, tests performance fixes

CVE-2025-46578 – GoldenDB Database SQL Injection Vulnerability

SharePoint under fire: ToolShell attacks hit organizations worldwide

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

CVE-2025-46377 – Apache HTTP Server Arbitrary File Upload Vulnerability

cybercog/laravel-clickhouse

I’ve fallen in love with this stunning 5K monitor and its built-in KVM switch — it’s ideal for my creative projects

Kontainer is a GUI tool to manage Distrobox containers

CVE-2025-38162 – Linux Kernel Netfilter NFT Set Pipapo Integer Overflow Vulnerability

Announcing Gemma 3n preview: Powerful, efficient, mobile-first AI

CVE-2024-54028 – Catdoc OLE Document DIFAT Parser Integer Underflow Heap-Based Memory Corruption

Open Source MCP: Powering Scalable Test Automation

CVE-2025-46578 – GoldenDB Database SQL Injection Vulnerability

Related Posts