35 matches found
Amazon Linux 2 : re2c (ALAS-2023-2344)
The version of re2c installed on the remote host is prior to 3.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2344 advisory. A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Tenable has extracted the...
Amazon Linux 2023 : re2c (ALAS2023-2023-438)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-438 advisory. A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Tenable has extracted the preceding description block directly from the tested product security...
Medium: re2c
Issue Overview: A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Affected Packages: re2c Issue Correction: Run dnf update re2c --releasever 2023.2.20231113 or dnf update --advisory ALAS2023-2023-438 --releasever 2023.2.20231113 to update yo...
CVE-2023-23901
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the...
CVE-2023-23901
CVE-2023-23901 affects Seiko Solutions SkyBridge MB-A200 firmware (01.00.05 and earlier) and SkyBridge BASIC MB-A130 firmware (1.4.1 and earlier). Root cause: improper following of a certificate’s chain of trust. Impact: remote unauthenticated attacker may eavesdrop on or alter communications sen...
CVE-2023-23901
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the...
CVE-2022-23901
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc...
CVE-2022-23901
CVE-2022-23901 describes a stack overflow in re2c 2.2 due to infinite recursion in src/dfa/dead_rules.cc. Connected advisories show affected environments (e.g., Amazon Linux 2/ALAS2023-2344 and ALAS2023-438; Azure Linux security update) and fixes upgrading to re2c 3.1.x (e.g., 3.1-2) or later. Th...
CVE-2020-23901
creationtimestamp| type| source ---|---|--- 2021-11-11 00:37:08+00:00| seen| https://t.me/cibsecurity/32220...
CVE-2020-23901
A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted tga file...
CVE-2020-23901
Summary (CVE-2020-23901) : The vulnerability affects WildBit Viewer v6.6. According to the provided reports, the issue is a User Mode Write AV in Editor+0x5d15 that can be triggered by a crafted tga file , leading to a denial of service (DoS) . Connected documents corroborate a DoS impact from a ...
SUSE-SU-2021:0323-1 Security update for nutch-core
This update for nutch-core fixes the following issue: - CVE-2021-23901: fixed an XML external entity XXE injection in DmozParser bsc1181356...
CVE-2021-23901
An XML external entity XXE injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions 1.18. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. ...
CVE-2021-23901 An XML external entity (XXE) injection vulnerability exists in the Nutch DmozParser
An XML external entity XXE injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions 1.18. XML external entity injection also known as XXE is a web security vulnerability that allows an attacker to interfere with an application's processing of XML data. ...
CVE-2021-23901
The CVE-2021-23901 issue affects Apache Nutch DmozParser prior to 1.18, where an XML External Entity (XXE) injection was exploitable due to improper XML processing. Affected component: DmozParser in Nutch versions