CVE-2024-41434

EPSS 0.10% · P27 Updated Feb 26, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-41434

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

PingCAP TiDB v8.1.0 was discovered to contain a buffer overflow via the component (*Column).GetDecimal. This allows attackers to cause a Denial of Service (DoS) via a crafted input to the 'RemoveUnnecessaryFirstRow', it will check the expression between 'Agg' and 'GroupBy', but does not check the return type. NOTE: PingCAP disputes this, arguing that reproduction did not cause the security impact of service interruption to other users. They maintain it is a complex query bug in the product but not a DoS.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

PingCAP TiDB 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PingCAP TiDB是中国PingCAP公司的一个开源、云原生、分布式、兼容 MySQL 的数据库，用于弹性扩展和实时分析。 PingCAP TiDB v8.1.0版本存在安全漏洞，该漏洞源于 (*Column).GetDecimal 组件包含一个缓冲区溢出问题。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2024-41434

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-41434

请登录查看更多情报信息。

Same Patch Batch · n/a · 2024-09-03 · 18 CVEs total

CVE-2024-38811	8.8 HIGH	Code-execution vulnerability
CVE-2024-41433		PingCAP TiDB 安全漏洞
CVE-2023-49233		Visual Planning Admin Center 安全漏洞
CVE-2024-42902		LimeSurvey 安全漏洞
CVE-2024-42904		sysPass 安全漏洞
CVE-2024-42901		LimeSurvey 安全漏洞
CVE-2024-42903		LimeSurvey 安全漏洞
CVE-2024-44809		camera-pi 安全漏洞
CVE-2024-38456		Vivavis 权限许可和访问控制问题漏洞
CVE-2024-41435		YugabyteDB 安全漏洞
CVE-2024-41436		ClickHouse 安全漏洞
CVE-2024-45678		Yubico YubiKey 5 安全漏洞
CVE-2024-45180		SquaredUp DS for SCOM 安全漏洞
CVE-2024-42991		MingSoft MCMS 安全漏洞
CVE-2024-34463		BPL Personal Weighing Scale PWS-01BT IND/09/18/599 安全漏洞
CVE-2024-44921		SeaCMS 安全漏洞
CVE-2024-44920		SeaCMS 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2024-41434

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-41434

I. Basic Information for CVE-2024-41434

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-41434

III. Intelligence Information for CVE-2024-41434

Same Patch Batch · n/a · 2024-09-03 · 18 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-41434

Leave a comment