238 matches found
GHSA-JXCC-G75X-QGW9 Calipso Arbitrary File Write via Archive Extraction (Zip Slip)
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
Calipso Arbitrary File Write via Archive Extraction (Zip Slip)
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
Arbitrary File Write
calipso is vulnerable to arbitrary file write. A malicious module can overwrite files on an arbitrary file system through the module install functionality...
CVE-2021-23391
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
CVE-2021-23391
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
Design/Logic Flaw
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
CVE-2021-23391
CVE-2021-23391 affects all versions of the NodeJS CMS calipso . The vulnerability is an Arbitrary File Write via Archive Extraction (Zip Slip) , exploitable through the module install functionality to overwrite files on the target filesystem. Root cause appears to be unsafe archive extraction all...
CVE-2021-23391 Arbitrary File Write via Archive Extraction (Zip Slip)
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
CVE-2021-23391
This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...
calipso 所有 路径遍历漏洞
Calipso is a simple NodeJS content management system. Built on themes similar to Drupal and Wordpress, it is designed to be fast, flexible and simple. calipso has a security vulnerability that can be exploited by an attacker to overwrite files on any file system...
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview calipso is a Calipso is a simple NodeJS content management system based on Express, Connect & Mongoose. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. It is possible for a malicious module to overwrite files on an arbitrary file...
Privilege Escalation
kernel is vulnerable to privilege escalation. A use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c due to the CIPSO and CALIPSO refcounting for the DOI definitions are mishandled, leading to writing of an arbitrary value...
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
...
Linux kernel resource management error vulnerability (CNVD-2021-37734)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A resource management error vulnerability exists in cipsov4genopt in net/ipv4/cipsoipv4.c in Linux kernel versions...
AZL-6561 CVE-2021-33033 affecting package kernel for versions less than 5.10.78.1-1
The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...
UBUNTU-CVE-2021-33033
The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...
CVE-2021-33033
The Linux kernel before 5.11.14 has a use-after-free in cipsov4genopt in net/ipv4/cipsoipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value...
Unfixed XSS vulnerability at www.calipso.com.co
Security researcher KrepTOr, has submitted on 26/04/2008 a cross-site-scripting XSS vulnerability affecting www.calipso.com.co, which at the time of submission ranked 2811340 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/05/2008. It is...