11 matches found
GHSA-VJG6-GM8M-V5G6 Open Babel has out-of-bounds write in MOL2 attribute/value parser
Summary A memory-safety vulnerability in Open Babel's MOL2 parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the attribute/value parsing path of the MOL2 reader. An over-long attribute or value caused the parser to write past the end of a fixed-size...
GHSA-M982-7Q3H-R784 Open Babel has out-of-bounds read in PQS lowerit (pre-buffer read)
Summary A memory-safety vulnerability in Open Babel's PQS parser caused an out-of-bounds pre-buffer read when reading a crafted input file. Details The flaw was in the lowerit helper used by the PQS parser. A malformed input caused the helper to read one or more bytes before the start of its inpu...
GHSA-J9PP-7WFG-Q7FJ Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines
Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in ChemKinFormat::ReadReactionQualifierLines. A malformed reaction qualifier record caused the parser to dereference a NULL pointer. Impac...
CVE-2024-13265 Opigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029
Improper Neutralization of Directives in Statically Saved Code 'Static Code Injection' vulnerability in Drupal Opigno Learning path allows PHP Local File Inclusion.This issue affects Opigno Learning path: from 0.0.0 before 3.1.2...
PT-2024-36267 · Dotstore · Dotstore Advance Menu Manager
Name of the Vulnerable Software and Affected Versions: Dotstore Advance Menu Manager versions 3.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Dotstore Advance Menu Manager. This vulnerability allows for unauthorized access. Recommendations: For...
CVE-2024-30221
Deserialization of Untrusted Data vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.1.1...
PT-2024-20617 · Jquery · Quicksand Post Filter Jquery Plugin
Name of the Vulnerable Software and Affected Versions: Quicksand Post Filter jQuery Plugin versions 3.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Quicksand Post Filter jQuery Plugin. Recommendations: For Quicksand Post Filter jQuery Plugin...
annalist (=0.5.18), anoteai (>=0.10.0 <=0.20.0) +96 more potentially affected by CVE-2022-36087 via oauthlib (>=3.1.1 <=3.2.0)
oauthlib PYPI version =3.1.1, =0.10.0, =1.1.89, =0.2.1, =0.7.11, =0.2.11, =1.0.0, =1.1.71, =1.2.0, =0.3.7, =1.0.28, =0.0.5, =0.0.33, =0.1.0, =0.0.1, =0.0.30 and more Source cves: CVE-2022-36087 Source advisory: OSV:PYSEC-2022-269...
PT-2021-11085
Name of the Vulnerable Software and Affected Versions: qcubed versions 3.1.1 and earlier Description: A SQL injection issue allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request to the profile.php file, specifically via the strQuery parameter...
PT-2019-16906 · Ibm · Ibm Cloud Private
Name of the Vulnerable Software and Affected Versions: IBM Cloud Private versions 3.1.1 through 3.1.2 Description: The issue allows an attacker to execute malicious and unauthorized actions by exploiting cross-site request forgery. This could be done by transmitting actions from a user that the...
@ajoursystem/arnisp-bootstrap-xlgrid (=1.0.0), @arivazhagan/demo-project (=1.0.1) +455 more potentially affected by CVE-2016-10735 via bootstrap (>=3.1.1 <=3.3.7)
bootstrap NPM version =3.1.1, =1.31.0, =0.0.1, =0.0.1, =4.0.8, =1.0.0, =1.0.0, =0.0.0, =0.0.2 and more Source cves: CVE-2016-10735 Source advisory: OSV:GHSA-4P24-VMCR-4GQJ...