Lucene search

1540 matches found

BDU FSTEC
added 2024/04/06 12:00 a.m. · 1 view

The vulnerability of the OpenMetadata metadata management platform, related to improper handling of code generation, allows a hacker to execute arbitrary code.

The vulnerability of the OpenMetadata metadata management platform is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted PUT request...

CVSS 9.7 · AI score 8.4 · EPSS 0.92915
Exploits: 0 · References: 8 · Affected Software: 1

NVD
added 2024/04/05 3:15 p.m. · 10 views

CVE-2024-31852

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

CVSS 5.9 · AI score 6.6 · EPSS 0.00214
Exploits: 0 · References: 4

CNNVD
added 2024/04/05 12:00 a.m. · 2 views

LLVM Security Vulnerability

LLVM is a toolkit for building highly optimized compilers, optimizers, and runtime environments for LLVM. A security vulnerability exists in LLVM versions prior to 18.1.3 that stems from the presence of an assembly code generation error problem...

CVSS 5.9 · AI score 5.5 · EPSS 0.00214
Exploits: 0 · References: 6

Debian CVE
added 2024/04/05 12:00 a.m. · 11 views

CVE-2024-31852

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

CVSS 5.9 · AI score 5.3 · EPSS 0.00214
Exploits: 0

Cvelist
added 2024/04/05 12:00 a.m. · 14 views

CVE-2024-31852

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

AI score 6.8 · EPSS 0.00214
Exploits: 0 · References: 4

OSV
added 2024/04/03 1:16 p.m. · 2 views

CVE-2024-25096

Improper Control of Generation of Code 'Code Injection' vulnerability in Canto Inc. Canto allows Code Injection. This issue affects Canto: from n/a through 3.0.7...

CVSS 9.8 · AI score 7.3 · EPSS 0.00993
Exploits: 2 · References: 1

Positive Technologies
added 2024/04/03 12:00 a.m. · 3 views

PT-2024-21727 · Unknown · Inpersttion Slivery Extender

Name of the Vulnerable Software and Affected Versions: Inpersttion Slivery Extender versions n/a through 1.0.2 Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows Code Injection. Recommendations: For Inpersttion Slivery...

CVSS 8.5 · AI score 9.5 · EPSS 0.01009
Exploits: 0 · References: 5

Positive Technologies
added 2024/04/03 12:00 a.m. · 3 views

PT-2024-20503 · Cwicly · Cwicly

Name of the Vulnerable Software and Affected Versions: Cwicly versions 1.4.0.2 and earlier Description: The issue is related to improper control of code generation, allowing code injection. This means that an attacker could potentially inject malicious code into the system. Recommendations: For...

CVSS 9.9 · AI score 9.6 · EPSS 0.00551
Exploits: 0 · References: 5

BDU FSTEC
added 2024/04/02 12:00 a.m. · 1 view

The vulnerability of the CMS system Grav CMS, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the CMS system Grav CMS is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially created data...

CVSS 9 · AI score 8 · EPSS 0.62168
Exploits: 4 · References: 5 · Affected Software: 1

Redos
added 2024/03/28 12:00 a.m. · 40 views

ROS-20240328-06

A vulnerability in the libssh library is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the ProxyCommand/ProxyJump component of the libssh library is related to improper control of co...

CVSS 5.3 · AI score 6 · EPSS 0.00363
Exploits: 0

BDU FSTEC
added 2024/03/26 12:00 a.m. · 1 view

The vulnerability of Mozilla Firefox and Firefox ESR browsers allows attackers to elevate their privileges and execute arbitrary code.

The vulnerability of Mozilla Firefox and Firefox ESR browsers is related to incorrect event handling due to improper code generation. Exploiting this vulnerability allows a remote attacker to enhance their privileges and execute arbitrary code...

CVSS 10 · AI score 7.7 · EPSS 0.01405
Exploits: 0 · References: 15 · Affected Software: 5

BDU FSTEC
added 2024/03/26 12:00 a.m. · 1 view

The vulnerability of the Ruby/Gitt library interpreter in Ruby, allowing attackers to execute arbitrary code

The vulnerability of the Ruby/Gitt library interpreter in Ruby is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 · AI score 7.2 · EPSS 0.01975
Exploits: 0 · References: 7 · Affected Software: 3

BDU FSTEC
added 2024/03/25 12:00 a.m. · 2 views

The vulnerability of the Bricks Builder plugin of the WordPress content management system allows a hacker to execute arbitrary code.

The vulnerability of the Bricks Builder plugin of the WordPress content management system is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 · AI score 8.5 · EPSS 0.93809
Exploits: 16 · References: 6 · Affected Software: 1

BDU FSTEC
added 2024/03/25 12:00 a.m. · 1 view

The vulnerability of the Ruby/Git interpreter’s library allows a hacker to execute arbitrary code.

The vulnerability of the Ruby/Git interpreter’s library is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9 · AI score 7.2 · EPSS 0.00438
Exploits: 0 · References: 9 · Affected Software: 4

BDU FSTEC
added 2024/03/14 12:00 a.m. · 1 view

The vulnerability of the golang package in the Debian GNU/Linux operating system, allowing a hacker to execute arbitrary code

The vulnerability of the golang package in the Debian GNU/Linux operating system is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 · AI score 7 · EPSS 0.00759
Exploits: 0 · References: 12 · Affected Software: 25

Rockylinux
added 2024/03/12 3:41 p.m. · 38 views

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

CVSS 8.1 · AI score 8 · EPSS 0.0073
Exploits: 1

Tenable Nessus
added 2024/03/12 12:00 a.m. · 28 views

Rocky Linux 8 : firefox (RLSA-2024:0955)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0955 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

CVSS 8.1 · AI score 7.9 · EPSS 0.0073
Exploits: 1 · References: 17

OpenVAS
added 2024/03/08 12:00 a.m. · 11 views

Fedora: Security Advisory for cglib (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 · AI score 9.2 · EPSS 0.45835
Exploits: 3 · References: 2

OpenVAS
added 2024/03/08 12:00 a.m. · 11 views

Fedora: Security Advisory for modello (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 · AI score 9.2 · EPSS 0.45835
Exploits: 3 · References: 2

OpenVAS
added 2024/03/08 12:00 a.m. · 16 views

Fedora: Security Advisory for jdeparser (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the...

CVSS 8.8 · AI score 9.2 · EPSS 0.45835
Exploits: 3 · References: 2