GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection

GHSA-8596-2jgr-ppj7: Amazon Redshift JDBC Driver vulnerable to SQL Injection

GHSA-xx95-62h6-h7v3: lgsl Stored Cross-Site Scripting vulnerability

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.









**PaddlePaddle command injection in \_wget\_download**

Critical severity GitHub Reviewed Published Jan 3, 2024 to the GitHub Advisory Database • Updated Jan 3, 2024

Headline

GHSA-rf7p-79xq-8xwm: PaddlePaddle command injection in _wget_download

ghsa: Latest News