CVE-2022-35173

An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation...

CVE-2022-35173

Affected software: Nginx NJS v0.7.5. Issue: the JUMP offset for a break instruction was not set to the correct offset during code generation, leading to a segmentation fault. Impact: described as a segmentation violation with CVSS v3.1 base score 7.5 ( HIGH ). Exploit details are not provided in ...

Nginx 代码问题漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the US-based Nginx Corporation. A security vulnerability exists in Nginx NJS version v0.7.5 that stems from a segmentation violation where the JUMP offset of the interrupt directive is not set to the...

The vulnerability of the VMware Workspace One Access application management platform, the VMware Identity Manager administration console, and the VMware vRealize Automation virtual infrastructure management tools is related to improper code generation. This allows an attacker to execute arbitrary code.

The vulnerability of the VMware Workspace One Access application management platform, the VMware Identity Manager administration console, and the VMware vRealize Automation virtual infrastructure management tools is related to improper code generation. Exploiting this vulnerability allows a...

PT-2022-17811 · Hestiacp · Hestiacp

Name of the Vulnerable Software and Affected Versions: hestiacp/hestiacp versions prior to 1.6.6 Description: The issue is related to improper control of generation of code, also known as 'code injection', and improper input validation in the hestiacp/hestiacp GitHub repository. Recommendations:...

The vulnerability of the server management application CentOS Web Panel lies in improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of the CentOS Web Panel server management application is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created request...

The vulnerability of the Illumina Local Run Manager software, related to improper code generation management, allows a malicious actor to execute arbitrary code, modify settings, configurations, software, or gain access to confidential data of the affected product.

The vulnerability of the Illumina Local Run Manager software is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code, modify settings, configurations, software, or gain access to confidential data of the affected product...

PT-2022-4055 · Vmware · Vmware Vrealize Automation +2

Name of the Vulnerable Software and Affected Versions: VMware Workspace ONE Access, Identity Manager and vRealize Automation affected versions not specified Description: The issue is related to incorrect code generation management in the administration platform of VMware Workspace One Access,...

PT-2022-4059 · Vmware · Vmware Vrealize Automation +2

Name of the Vulnerable Software and Affected Versions: VMware Workspace ONE Access, Identity Manager and vRealize Automation affected versions not specified Description: The issue is related to incorrect code generation management in the administration platform of VMware Workspace One Access,...

The vulnerability of the Drupal CMS system, related to improper code generation, allows attackers to execute arbitrary code.

The vulnerability of the Drupal CMS system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the QVPN Service software, related to improper code generation, allows a hacker to execute arbitrary code.

The vulnerability of the QVPN Service software is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

[SECURITY] Fedora 36 Update: golang-github-google-wire-0.5.0-4.fc36

Wire is a code generation tool that automates connecting components using dependency injection. Dependencies between components are represented in Wire as function parameters, encouraging explicit initialization instead of global variables. Because Wire operates without runtime state or reflectio...

[SECURITY] Fedora 36 Update: golang-github-googleapis-gnostic-0.5.3-7.fc36

This package contains a Go command line tool which converts JSON and YAML OpenAPI descriptions to and from equivalent Protocol Buffer representations. Protocol Buffers provide a language-neutral, platform-neutral, extensible mechanism for serializing structured data. gnostic's Protocol Buffer...

The vulnerability of the server management application CentOS Web Panel lies in improper code generation, allowing attackers to execute arbitrary code.

The vulnerability of the CentOS Web Panel server management application is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created request...

CVE-2022-31169

Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, for AArch64 targets where constant divisors can result in incorrect division results at runtime. This affects Wasmtime prior to version 0.38.2 and Cranelift prior to 0.85.2. This issue only...

The vulnerability affects the runtime of procedure calls in the Microsoft Windows operating system, allowing an attacker to execute arbitrary code.

The vulnerability of remote procedure call runtime in the Microsoft Windows operating system is related to improper code generation management. Exploitation of this vulnerability can allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows Network File System (NFS) allows a hacker to execute arbitrary code.

The vulnerability of the Windows Network File System NFS operating system is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows Network File System (NFS) allows a hacker to execute arbitrary code.

The vulnerability of the Windows Network File System NFS operating system is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system’s Fax Service allows a hacker to execute arbitrary code.

The vulnerability of the Windows operating system’s Fax Service is related to improper code generation management. Exploiting this vulnerability can allow attackers to increase their privileges...

Fedora: Security Advisory for golang-github-cheekybits-genny (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...