6 matches found
GHSA-G857-HHFV-J68W Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption
Details: A buffer overflow vulnerability exists in Zlib::GzipReader. The zstream_buffer_ungets function prepends caller-provided bytes ahead of previously produced output but fails to guarantee the backing Ruby string has enough capacity before the memmove shifts the existing data. This can lead to...
CVE-2025-47286
Combodo iTop is a web-based IT service management tool. In versions prior to 2.7.13 and 3.2.2, an administrator can, by editing the configuration of the iTop instance, execute code on the server. Versions 2.7.13 and 3.2.2 escape and check the config parameter before executing a command based on i...
PT-2024-28200 · WordPress · Wp Media Sas Search & Replace
Name of the Vulnerable Software and Affected Versions: WP MEDIA SAS Search & Replace versions n/a through 3.2.2 Description: The issue is related to Deserialization of Untrusted Data, which affects the Search & Replace plugin. Recommendations: For versions n/a through 3.2.2, update to a version...
PT-2024-13683 · Unknown · Openharmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions 3.2.2 and prior Description: The issue allows a local attacker to cause a multimedia audio crash by modifying a released pointer. Recommendations: For OpenHarmony versions 3.2.2 and prior, at the moment, there is no...
PT-2023-29846 · Unknown · Openharmony
Name of the Vulnerable Software and Affected Versions: OpenHarmony versions 3.2.2 and prior Description: The issue allows a local attacker to obtain sensitive buffer information through the use of an uninitialized resource. Recommendations: For OpenHarmony versions 3.2.2 and prior, at the moment,...
PT-2022-2029
Name of the Vulnerable Software and Affected Versions: Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions Description: The issue is related to a remote code execution vulnerability in Spring Cloud Function when using routing functionality. It is possible for a user to provid...