Zulip server 跨站脚本漏洞

Zulip server is an open source team chat application from Zulip Inc. in the United States. A cross-site scripting vulnerability exists in Zulip server versions 2.0.0-rc1 through prior to 10.4, which stems from a cross-site scripting vulnerability in the /digest/ URL...

CVE-2023-2970 MindSpore json_helper.cc UpdateArray memory corruption

A vulnerability classified as problematic was found in MindSpore 2.0.0-alpha/2.0.0-rc1. This vulnerability affects the function JsonHelper::UpdateArray of the file mindspore/ccsrc/minddata/dataset/util/jsonhelper.cc. The manipulation leads to memory corruption. The name of the patch is...

CVE-2022-21404

Vulnerability in the Helidon product of Oracle Fusion Middleware component: Reactive WebServer. Supported versions that are affected are 1.4.10 and 2.0.0-RC1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Helidon. Successful attacks ...

CVE-2020-24717

CVE-2020-24717 affects OpenZFS prior to 2.0.0-rc1 when used on FreeBSD, where group permissions are misinterpreted as user permissions, making mode 0770 effectively as permissive as 0777. The Red Hat advisory and other listings confirm OpenZFS on FreeBSD as the affected context. The vulnerability...